this post was submitted on 30 Dec 2023
34 points (97.2% liked)

Android

27896 readers
315 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 1 year ago
MODERATORS
 

It spread through Google Play, in addition to other third-party app stores:

In a blog post written by the McAfee Mobile Research Team blog post, they said it identified about 25 different malicious apps that contain the threat, 13 of which were distributed on Google Play, some since mid-2020.

Some of the apps affected by Xamalicious malware include Essential Horoscope for Android (100,000 installs), 3D Skin Editor for PE Minecraft (100,000 installs), Logo Maker Pro (100,000 installs), Auto Click Repeater (10,000 installs), Count Easy Calorie Calculator (10,000 installs), Dots: One Line Connector (10,000 installs), and Sound Volume Extender (5,000 installs), amongst others.

top 3 comments
sorted by: hot top controversial new old
[–] yokonzo@lemmy.world 10 points 10 months ago

Strange they haven't identified who was responsible yet, I mean to get this code into your app surely the first lead would be the developer right?

[–] smik@discuss.tchncs.de 7 points 10 months ago

Link to the source blog entry. It has more information on how the malware went undetected and how it worked.

[–] CrayonRosary@lemmy.world 7 points 10 months ago* (last edited 10 months ago)

The key takeaway: never give an app accessibility permissions when it asks unless you are specifically installing an accessibility app. It could never have done anything without that permission.

The McAfee article (found elsewhere in these comments) said the bad apps obtained accessibility permissions through "social engineering" which probably means it simply asked for them after telling you to ignore the serious warnings Android gives you when an app asks for them.