top of page
  • Clipeus

Trojanized Android Apps Distribute Novel Malware

McAfee discovered a new Android backdoor, dubbed "Android/Xamalicious." The malware has been created with the open-source framework Xamarin. The distribution occurs via malicious Android applications available on Google Play. Reportedly abused applications include:

  • Essential Horoscope

  • 3D Skin Editor

  • Logo Maker Pro

  • Auto Click Repeater

  • Count Easy Calorie Calculator

  • Sound Volume Extender

  • LetterLink

  • Numerology

  • Step Keeper

  • Track Your Sleep

  • Sound Volume Booster

  • Astrological Navigator

  • Universal Calculator

  • Dots Link Puzzles

Once installed, the malicious application operates as a stager responsible for acquiring permissions from the user, downloading, and installing a second-stage malware with the capability to take control of the device. It can perform fraudulent actions, such as clicking on ads and installing apps without user consent.

The malware has a self-update function that enables a wide range of threats, including serving as an access broker for the deployment of additional malware, information stealing, and banking trojan-like activities. However, the main malicious activity observed so far appears to be operating as a bot to perform revenue-generating clicks without any actual user interaction.

Reports suggest over 300 thousand devices have been affected globally.


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page