There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Xamalicious Android Malware Affects Over 327,000 Devices

It spread through Google Play, in addition to other third-party app stores:

In a blog post written by the McAfee Mobile Research Team blog post, they said it identified about 25 different malicious apps that contain the threat, 13 of which were distributed on Google Play, some since mid-2020.

Some of the apps affected by Xamalicious malware include Essential Horoscope for Android (100,000 installs), 3D Skin Editor for PE Minecraft (100,000 installs), Logo Maker Pro (100,000 installs), Auto Click Repeater (10,000 installs), Count Easy Calorie Calculator (10,000 installs), Dots: One Line Connector (10,000 installs), and Sound Volume Extender (5,000 installs), amongst others.

smik ,
@smik@discuss.tchncs.de avatar

Link to the source blog entry. It has more information on how the malware went undetected and how it worked.

CrayonRosary , (edited )

The key takeaway: never give an app accessibility permissions when it asks unless you are specifically installing an accessibility app. It could never have done anything without that permission.

The McAfee article (found elsewhere in these comments) said the bad apps obtained accessibility permissions through “social engineering” which probably means it simply asked for them after telling you to ignore the serious warnings Android gives you when an app asks for them.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •