Trend Micro has detailed a trojan Android advertisement library called Xavier, which steals and leaks user data.
“Xavier’s impact has been widespread. Based on data from Trend Micro Mobile App Reputation Service, we detected more than 800 applications embedded the ad library’s SDK that have been downloaded millions of times from Google Play,” said the company.
Apps embedded with the ad library range from utility apps to wallpaper and ringtone changers.
“Xavier’s stealing and leaking capabilities are difficult to detect because of a self-protect mechanism that allows it to escape both static and dynamic analysis.”
The most dangerous aspect of the malware, however, is that it can download and execute malicious code on your device.
The easiest way to avoid “cunning malware” like Xavier is to not install applications from an unknown source, even if they are from legitimate app stores like Google Play.
It can also help to read reviews from other users who have downloaded the application.
“Updating and patching mobile devices will also help keep malware that targets vulnerabilities at bay.”