[ad_1]
I thought I was in a state of Android malware It doesn’t get any worse than this, new version of XLoader It was discovered that it can launch automatically on infected smartphones.
According to reports peepee computerXLoader is a malware strain that is being used to target owners of. best android smartphones In the past, it has also been carried out in the United States, United Kingdom, Germany, France, Japan, South Korea, and Taiwan. But now security researchers are McAfee We discovered a new XLoader variant that can be launched immediately after installation.
Typically, when Android malware spreads, malicious app or suspicious download, potential victims must first open the app or the file containing it before running the app on their phone. This is not the case with XLoader. XLoader can now extract all kinds of sensitive data from compromised devices, including photos, text messages, contact lists, hardware details, etc. while running in the background.
Since it was first introduced in 2015, XLoader has gone through various revisions to improve its functionality and Allowed malware to target your Mac. Here’s what you need to know about this new Android threat and the steps you can take to protect yourself from it.
Impersonate Google Chrome
So how does XLoader malware get into your Android smartphone? According to McAfee reporttypically distributed via. malicious link Sent via text message. These links are shortened to help you avoid detection and if you receive an unknown number, or a text message from a friend. shortened link As such, it is best not to open it.
These suspicious links lead to Android APK files that are used to sideload apps instead of installing them directly. Google Play Store. Although it is convenient, Sideloading apps This is also something you should avoid if you want to avoid nasty malware infections.
If a potential victim clicks on a link and attempts to download and install the APK, this variant of the XLoader malware can launch automatically without any user interaction. However, if you actually try to launch this mysterious app sent to you by a stranger, XLoader has another neat trick up its sleeve to avoid detection and gain further access to your phone.
This malware impersonates Google Chrome and tricks victims into enabling it. dangerous privileges Send and display text messages, run in the background, and more. It goes a step further and asks users if they want to set it as the default girlfriend SMS app, in the name of helping prevent spam.
During this process, victims’ smartphones display pop-up messages in English, Korean, French, Japanese, German, and Hindi, making the app more reliable no matter what their native language is.
If you thought XLoader was done smartly, you’d be wrong. The malware can also extract phishing messages and malicious URLs from Pinterest profiles and send them to infected smartphones. Again, this is to avoid detection by. best antivirus software and other security checks. If for some reason the malware is unable to access her Pinterest, it uses a hard-coded phishing message to notify potential victims that there is a problem with their bank account and that they need to take immediate action.
How to protect yourself from Android malware
Avoiding Android malware like XLoader is easy, but you need to be a little more careful online to keep your phone from getting infected.
In addition to not sideloading apps or opening shortened URLs in text messages or other messages, you should be very careful when giving permissions to the apps you install. Does the ruler app really need to access text messages or internal storage? I didn’t think so.
It can also be helpful to limit the number of apps you install on your Android smartphone. Even a good app can go bad. If malicious code is injected. We also recommend using apps from reputable developers rather than just installing new apps you find online. Hackers and other cybercriminals are adept at exploiting trends and fads, and this is one of the ways he tricks potential victims into committing an attack.
No matter which Android smartphone you buy, there’s a very good chance it comes with one. Google Play Protect Preinstalled. However, you should make sure this app is enabled because it can scan all your existing apps and any new apps you download for malware. Similarly, for added protection, you may also consider installing one of the following: Best Android antivirus app run alongside it.
XLoader has been constantly evolving since it was first released in 2015, and it is very likely that we will see new variants of this malware strain in the future with improved capabilities to evade detection. . So be careful when downloading new apps or opening links sent in messages or emails.
More about Tom’s guide
[ad_2]
Source link