Researchers from the cyber security firm, Trend Micro, revealed that more than 800 Android applications of the Google Play Store are embedded with the software development kit (SDK) of "Xavier," an information-stealing ad library. The SDK allows remote access to the device it's downloaded to and silently steal and leak a user's personal information, making it what is known as a Trojan Horse, or Trojan.
The apps found with the Trojan include photo utility apps and wallpaper and ringtone changers. Approximately 75 apps have removed the software from their code. So far, there have been millions of downloads of these apps, mostly from countries in Southeast Asia, with 23.27 per cent of the downloads coming from Vietnam. Countries in Europe and the U.S. were not as infected.
According to the researchers, the Trojan uses various forms of encryption such as String, internet data and emulator encryption so it can't be detected. It also has the ability to download and execute other malicious software.
The researchers say the best way to avoid infection is to read the reviews of an app before downloading it. If the reviews are poor and they mention security issues, the app shouldn't be downloaded, even if it's from a trusted source like Google Play.
|wnantes / Pixabay|