Cybersecurity experts have recently revealed an updated version of the Android XLoader malware, capable of self-execution without requiring user interaction. Crafted by a threat actor known as 'Roaming Mantis,' the malware primarily spreads through an SMS text containing a shortened URL. Clicking on this link directs users to a page urging them to download an Android installation file (APK) for a mobile app.
As detailed in a recent report by BleepingComputer, McAfee researchers highlighted that this new variant of XLoader malware has the ability to automatically initiate itself post-installation. Disguised as 'Chrome' with an italicized 'r,' the app prompts users to grant it continuous background operation. XLoader further requests users to designate it as the default SMS app, presenting prompts in various languages including English, French, Japanese, Hindi, and German.
McAfee has already reported this new XLoader variant to Google. Because the malware can act on its own once installed, it is able to steal sensitive information such as passwords, texts, photos, contacts, and hardware details like the device's IMEI, SIM, and serial number.
How To Protect Yourself From This
To safeguard your Android device from potential XLoader infections, it is crucial to ensure that Google Play Protect is active. Although this service is typically enabled by default on Android devices that come equipped with preinstalled Google services, there may be instances where users disable it to accommodate applications flagged as malicious by the service.
If you have intentionally disabled this feature and wish to turn it back on, the process is straightforward. Open the Google Play Store on your device and tap your profile picture at the top right of the screen. Then go to the 'Play Protect' option and, on the next screen, select 'Turn on' to reactivate the feature. These steps strengthen your Android device against threats like the XLoader malware.
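Beyond Play Protect, the two privileges described above (default SMS app and continuous background operation) can be audited over adb. The script below is an added example, not taken from the McAfee or BleepingComputer reports; it parses constructed sample output, and the `com.example.*` package names are hypothetical.

```shell
#!/bin/sh
# Triage: which apps that did not come from Google Play hold the default-SMS
# role or a user-granted battery-optimisation exemption?
# On a real device, collect the three inputs with:
#   adb shell settings get secure sms_default_application
#   adb shell dumpsys deviceidle whitelist
#   adb shell pm list packages -3 -i     (-3 = third-party apps only)
# Everything below is constructed sample data with hypothetical package names.

SMS_DEFAULT='com.example.fakebrowser'

IDLE_WHITELIST='system-excidle,com.android.providers.downloads,10014
system,com.google.android.gms,10125
user,com.example.fitness,10240
user,com.example.fakebrowser,10231'

PACKAGES='package:com.example.fitness  installer=com.android.vending
package:com.example.fakebrowser  installer=null'

# Print the installer recorded for package $1 (empty if not a third-party app).
installer_of() {
    printf '%s\n' "$PACKAGES" |
        awk -v p="package:$1" '$1 == p { sub(/^installer=/, "", $2); print $2 }'
}

# Succeed only for third-party packages whose installer is not Google Play.
# System apps are absent from the -3 listing, so they are never flagged.
is_sideloaded() {
    inst=$(installer_of "$1")
    [ -n "$inst" ] && [ "$inst" != "com.android.vending" ]
}

# Packages the user exempted from battery optimisation (free to run in background).
user_whitelisted() {
    printf '%s\n' "$IDLE_WHITELIST" | awk -F, '$1 == "user" { print $2 }'
}

# Report sideloaded packages holding either privilege, one finding per line.
triage() {
    if is_sideloaded "$SMS_DEFAULT"; then echo "sms-default:$SMS_DEFAULT"; fi
    for pkg in $(user_whitelisted); do
        if is_sideloaded "$pkg"; then echo "battery-exempt:$pkg"; fi
    done
}

triage
```

A package reported on both lines deserves a closer look; apps installed from other legitimate stores will also appear, so treat the output as a review list rather than a verdict.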