A new Android Trojan may target your brand new device. Even scarier, it has spread to the Google Play Store. The virus pretends to be innocent apps related to health, games, horoscope and productivity. Google removed these apps from the Play Store, but not before they were downloaded by hundreds of thousands of users worldwide, and they may still be lurking around the web.
What is Xamalicious and how does it work?
The Xamalicious Trojan uses innocent apps to bypass your accessibility features. It then controls your phone using features that are normally locked to control your device. Specifically, the Trojan scans your device for any information a hacker might use: your OS, location, contacts, passwords, and more. It then executes code to hijack your device and get your information.
So far, the virus has been attached to 13 apps on Google Play, which have been removed. Removing Google from the app store will not remove it from your device. If you have any of the following apps installed, remove them immediately:
- Step Keeper: A simple pedometer
- Track your sleep
- Basic Horoscope for Android
- 3D skin editor for PE Minecraft
- Logo Maker Pro
- Automatic click repeat
- Counting with a simple calorie calculator
- Sound volume amplifier
- Numerology: Personal Horoscope and Number Predictions
- Sound volume amplifier
- Astrology Navigator: Daily Horoscope and Tarot
- Universal calculator
The virus does not work alone. McAfee researchers Found a link to another app called Cash Magnet that can be installed by Xamalicious. This app automatically clicks ads, installs apps, sends messages and other actions to fraudulently steal money.
How to protect yourself from Xamalicious
It is important to note that these applications may be available in third-party app markets or online.
1) Stick to official app stores
First, stick to official app stores like Google Play Store, Amazon Appstore or Samsung Galaxy Store. All of them have protection against malware, but not 100%. Android users are protected by Google Play Protect, which can warn you about identified malicious apps on Android devices, but it doesn't guarantee that all apps are safe.
2) Sideloading is a bad idea
Also, this story is a good reminder why sideloading is a bad idea. Sideloading is when you download an app directly from a website. While this may be convenient, you never know what might be hiding in those files.
3) Have a good antivirus program on all your devices
You should always have a good one Antivirus program Works on all your devices. Antivirus software helps protect you from clicking on potentially harmful links or downloading dangerous viruses like the Xamalicious Trojan that could allow hackers to gain access to your personal information. Get my picks for the best antivirus protection winners for your Windows, Mac, Android, and iOS devices.
What should you do if your data is compromised?
If malware has already infiltrated your device, then you should take immediate steps to mitigate the damage and protect your device. Here are some steps you can take.
Change your passwords
Xamalicious can give hackers access to your online accounts and your personal or financial information. To avoid this, you should change the passwords of all your important accounts as soon as possible. However, you should not do this on your infected device, as the hacker may be able to see your new passwords. Instead, you should use other device, such as your laptop or desktop, to change your passwords. Make sure you use strong and unique passwords that are difficult to guess or crack. You can also use a password manager To generate and store your passwords securely.
Monitor your accounts and transactions
You should regularly check your online accounts and transactions for suspicious or unauthorized activity. If you notice anything unusual, report it to your service provider or the authorities as soon as possible. You should also review your credit reports and scores for signs identity theft or fraud.
Use identity theft protection
Xamalicious can access everything on your Android device, including your personal and financial information. Hackers can use this information to create fake accounts in your name, access your existing accounts, and claim online. This can seriously damage your identity and credit score.
To avoid this, you should use identity theft protection services. These services may track your personal information, such as your home title, Social Security Number (SSN), phone number, and email address, and notify you if they detect any suspicious activity. They can also help freeze your bank and credit card accounts to stop hackers from using them. Read more about my review of the best identity theft protection services here.
Contact your bank and credit card companies
If hackers obtain your bank or credit card information, they can use it to make purchases or withdrawals without your consent. You should contact your bank and credit card companies and inform them of the situation. They can help you freeze or cancel your cards, dispute fraudulent charges, and issue new cards.
Alert your contacts
If hackers have access to your email or social media accounts, they can use them to send Spam or Phishing messages your contacts. They can also identify you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to messages from you that appear suspicious or unusual.
Restore your device to factory settings
If you want to make sure that your device is completely free of malware or spyware, you can restore it Factory settings. This will erase all your data and settings and reinstall the original version of Android. You must Backup backup your important data before doing so and only restore them from a trusted source.
Viruses like Xamalicious are nothing to worry about, especially when you consider that they followed Google's strict guidelines. That's why it's so important to be vigilant in the app store. Only download apps from trusted publishers and read reviews.
Worried about Xamalicious? What steps are you taking to protect yourself? Notify us by email Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by going to Cyberguy.com/Newsletter.
Answers to CyberGuy's most frequently asked questions:
Ideas for using these holiday gift cards:
Copyright 2024 CyberGuy.com. All rights reserved.