Tech-Wreck Tipper (TWT) – 022 – Android Malware "Android/Xamalicious"

Description: The report discusses a new Android malware, “Android/Xamalicious,” that has been actively infecting devices and taking full control of them for illicit purposes such as unauthorized financial transactions, remote attacks, and theft of sensitive information. The malware is linked to the ad-fraud app “Cash Magnet” and has been detected on 327,000 devices. It disguises itself as apps from various categories, including health, games, horoscope, and productivity.

Context: Cybersecurity analysts at McAfee Mobile Research found this malware, which uses the Xamarin framework for infection. It uses social engineering to gain accessibility privileges and communicates with a command-and-control (C2) server. The malware has been active in third-party markets and has been in some Google Play apps since mid-2020.

Importance: The malware poses a significant threat to user privacy, security, and overall cybersecurity. The malware has already infected a substantial number of devices, indicating its successful propagation and potential for future breaches.

Key Points: The malware uses social engineering to obtain accessibility privileges, communicates with C2 servers, and hides its malicious code through Xamarin.

Urgency: The situation is urgent due to the high number of devices already infected and the significant risks it poses to user privacy and security.

Recommended Actions: Users should avoid downloading apps from third-party markets and only use trusted sources like Google Play. They should also keep their devices updated and install reliable security software. Google and other responsible organizations should take proactive measures to mitigate potentially harmful applications, and should investigate and remove malicious apps from their platforms.
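
Triage example (added here; not from the McAfee research or the source article): a security team can list which installed apps hold an enabled accessibility service and where each was installed from, using the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`. The trusted-installer set, the allowlist, and the sample output below are assumptions constructed for illustration.

```python
import re

# Installer packages treated as a trusted store (assumption; set per fleet policy).
TRUSTED_INSTALLERS = {"com.android.vending"}

def parse_accessibility(setting):
    """Packages named in `settings get secure enabled_accessibility_services`."""
    setting = setting.strip()
    if not setting or setting == "null":   # "null" means no service is enabled
        return set()
    # The value is a colon-separated list of package/ServiceClass components.
    return {comp.split("/", 1)[0] for comp in setting.split(":") if comp}

def parse_installers(listing):
    """Map package -> installer from `pm list packages -i` output."""
    installers = {}
    for line in listing.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            installers[m.group(1)] = None if m.group(2) == "null" else m.group(2)
    return installers

def review_queue(setting, listing, allowlist=()):
    """Return (package, installer, priority) for each accessibility holder
    that is not on the allowlist of approved assistive apps."""
    installers = parse_installers(listing)
    queue = []
    for pkg in sorted(parse_accessibility(setting) - set(allowlist)):
        src = installers.get(pkg)
        # Sideloaded or unknown origin ranks first; store installs still get
        # reviewed, since the report notes some samples were on Google Play.
        priority = "review" if src in TRUSTED_INSTALLERS else "high"
        queue.append((pkg, src, priority))
    return queue

# Constructed sample output; package names under com.example are made up.
SAMPLE_SETTING = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.horoscope/com.example.horoscope.HelperService:"
    "com.example.stepcounter/com.example.stepcounter.SyncService"
)
SAMPLE_LISTING = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.horoscope  installer=null
package:com.example.stepcounter  installer=com.android.vending
"""

if __name__ == "__main__":
    for row in review_queue(SAMPLE_SETTING, SAMPLE_LISTING,
                            allowlist={"com.google.android.marvin.talkback"}):
        print(row)
```

A "high" or "review" entry is a prompt for analyst inspection of the app, not a verdict that it is malicious.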

Distribution: This report is recommended for all Android device users, app developers, cybersecurity teams, and organizations that prioritize their digital security, including Google and McAfee.

Source document: https://gbhackers.com/android-malware-actively-infecting-devices/
