Beware of new Android malware hiding in popular apps

A new Android Trojan may target your brand new device. Even scarier, it has spread to the Google Play Store. The virus pretends to be innocent apps related to health, games, horoscope and productivity. Google removed these apps from the Play Store, but not before they were downloaded by hundreds of thousands of users worldwide, and they may still be lurking around the web.

Click to receive Kurt's free CyberGuy newsletter with security alerts, quick video tips, tech reviews and easy tips to get smarter

Beware of new Android malware hiding in popular apps

Android image (Kurt “Cyberguy” Knutson)

What is Xamalicious and how does it work?

The Xamalicious Trojan uses innocent apps to bypass your accessibility features. It then controls your phone using features that are normally locked to control your device. Specifically, the Trojan scans your device for any information a hacker might use: your OS, location, contacts, passwords, and more. It then executes code to hijack your device and get your information.

So far, the virus has been attached to 13 apps on Google Play, which have been removed. Removing Google from the app store will not remove it from your device. If you have any of the following apps installed, remove them immediately:

  • Step Keeper: A simple pedometer
  • Track your sleep
  • Basic Horoscope for Android
  • 3D skin editor for PE Minecraft
  • Logo Maker Pro
  • Automatic click repeat
  • Counting with a simple calorie calculator
  • Sound volume amplifier
  • LetterLink
  • Numerology: Personal Horoscope and Number Predictions
  • Sound volume amplifier
  • Astrology Navigator: Daily Horoscope and Tarot
  • Universal calculator

The virus does not work alone. McAfee researchers Found a link to another app called Cash Magnet that can be installed by Xamalicious. This app automatically clicks ads, installs apps, sends messages and other actions to fraudulently steal money.

Beware of new Android malware hiding in popular apps

A woman is holding an android (Kurt “Cyberguy” Knutson)

More: This stealthy Android malware can steal your money and invade your privacy

How to protect yourself from Xamalicious

It is important to note that these applications may be available in third-party app markets or online.

1) Stick to official app stores

First, stick to official app stores like Google Play Store, Amazon Appstore or Samsung Galaxy Store. All of them have protection against malware, but not 100%. Android users are protected by Google Play Protect, which can warn you about identified malicious apps on Android devices, but it doesn't guarantee that all apps are safe.

2) Sideloading is a bad idea

Also, this story is a good reminder why sideloading is a bad idea. Sideloading is when you download an app directly from a website. While this may be convenient, you never know what might be hiding in those files.

3) Have a good antivirus program on all your devices

You should always have a good one Antivirus program Works on all your devices. Antivirus software helps protect you from clicking on potentially harmful links or downloading dangerous viruses like the Xamalicious Trojan that could allow hackers to gain access to your personal information. Get my picks for the best antivirus protection winners for your Windows, Mac, Android, and iOS devices.

Beware of new Android malware hiding in popular apps

Android image (Kurt “Cyberguy” Knutson)

MORE: Beware of these popular Android apps that contain deceptive ads

What should you do if your data is compromised?

If malware has already infiltrated your device, then you should take immediate steps to mitigate the damage and protect your device. Here are some steps you can take.

Change your passwords

Xamalicious can give hackers access to your online accounts and your personal or financial information. To avoid this, you should change the passwords of all your important accounts as soon as possible. However, you should not do this on your infected device, as the hacker may be able to see your new passwords. Instead, you should use other device, such as your laptop or desktop, to change your passwords. Make sure you use strong and unique passwords that are difficult to guess or crack. You can also use a password manager To generate and store your passwords securely.

Monitor your accounts and transactions

You should regularly check your online accounts and transactions for suspicious or unauthorized activity. If you notice anything unusual, report it to your service provider or the authorities as soon as possible. You should also review your credit reports and scores for signs identity theft or fraud.

Use identity theft protection

Xamalicious can access everything on your Android device, including your personal and financial information. Hackers can use this information to create fake accounts in your name, access your existing accounts, and claim online. This can seriously damage your identity and credit score.

To avoid this, you should use identity theft protection services. These services may track your personal information, such as your home title, Social Security Number (SSN), phone number, and email address, and notify you if they detect any suspicious activity. They can also help freeze your bank and credit card accounts to stop hackers from using them. Read more about my review of the best identity theft protection services here.

Contact your bank and credit card companies

If hackers obtain your bank or credit card information, they can use it to make purchases or withdrawals without your consent. You should contact your bank and credit card companies and inform them of the situation. They can help you freeze or cancel your cards, dispute fraudulent charges, and issue new cards.

Alert your contacts

If hackers have access to your email or social media accounts, they can use them to send Spam or Phishing messages your contacts. They can also identify you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to messages from you that appear suspicious or unusual.

Restore your device to factory settings

If you want to make sure that your device is completely free of malware or spyware, you can restore it Factory settings. This will erase all your data and settings and reinstall the original version of Android. You must Backup backup your important data before doing so and only restore them from a trusted source.

MORE: 7 Signs You're Broke

Kurt's key

Viruses like Xamalicious are nothing to worry about, especially when you consider that they followed Google's strict guidelines. That's why it's so important to be vigilant in the app store. Only download apps from trusted publishers and read reviews.

Worried about Xamalicious? What steps are you taking to protect yourself? Notify us by email

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by going to

Ask Kurt a question or let us know what stories you want us to cover.

Answers to CyberGuy's most frequently asked questions:

Ideas for using these holiday gift cards:

Copyright 2024 All rights reserved.