www.verimatrix.com
162.159.136.54
Public Scan
Submitted URL: https://c24p-04.na1.hubspotlinks.com/Ctc/ZN+113/c24p-04/VWszzN6hnnj1V73LC78ryvQpVfQRxk599P41MrH-SW5nXHsW7lCGcx6lZ3nwW63V5k964kYsZW6kY...
Effective URL: https://www.verimatrix.com/cybersecurity/cybersecurity-insights/xamalicious-malware-androids-accessibility-services-exploit...
Submission: On February 06 via api from ES — Scanned from ES
Form analysis
0 forms found in the DOM
Text Content
Xamalicious Malware: Android’s Accessibility Services Exploited Once Again

January 29, 2024

In the dynamic world of Android-related threats, a new challenge has emerged, once again highlighting the vulnerabilities inherent to the mobile OS’s accessibility services. Dubbed “Xamalicious,” this insidious malware, developed using Xamarin, an open-source mobile app framework, leverages Android’s accessibility permissions to execute a range of malicious actions on compromised devices.

The discovery of Xamalicious underscores a critical weakness in mobile app security that has been repeatedly highlighted by cybersecurity experts. Verimatrix has noted similar issues in the past, with its VMX Labs observing the abuse of these services in malware such as GoldDigger and Hook. These threats utilize accessibility features for harmful activities, such as overlay attacks and financial data theft. Verimatrix’s Extended Threat Defense system offers a shield against such abuses.

XAMALICIOUS SNEAKS PAST GOOGLE’S SECURITY MEASURES

Xamalicious follows this troubling trend. Hidden within seemingly benign applications, such as health, games, and productivity apps, it has been found in 25+ apps on the Google Play Store, amassing over 327,000 installations. Notably, the most affected apps included “Essential Horoscope for Android,” “3D Skin Editor for PE Minecraft,” and “Logo Maker Pro.”

Once installed, Xamalicious gains access to a device’s accessibility services, enabling it to perform privileged actions without the user’s knowledge or consent. This capability allows it to click on ads, install apps, and even update its main Android package file, potentially transforming it into spyware or a banking trojan.

To elude detection, Xamalicious encrypts communications between the infected device and its command-and-control server. This encrypted communication, coupled with its ability to self-update, makes Xamalicious a particularly resilient and adaptable threat. It is not limited to direct device manipulation; Xamalicious has also been linked to ad fraud activities, significantly impacting device performance and network bandwidth.

The prevalence of Xamalicious, especially on the official Google Play Store, raises serious concerns about the security of mobile apps. Despite Google’s efforts through initiatives like Play Protect and the App Defense Alliance, the infiltration of this malware into the Play Store highlights the ongoing challenges of safeguarding users against sophisticated threats.

A CAUTIONARY TALE OF MOBILE APP SECURITY RISKS

For Android users, this situation serves as a crucial cautionary tale, emphasizing the need for scrutiny when selecting and downloading apps in the first place. Avoiding third-party sources, limiting app downloads to essentials, thoroughly reviewing user feedback, and conducting even informal background checks on app developers are critical steps in mitigating the risk of malware infections. Additionally, understanding and monitoring the permissions granted to apps can help in identifying and preventing potential security breaches.

Xamalicious’s emergence is yet another call to action for both users and developers. For users, it’s a reminder to be cautious and informed about the apps they install and the permissions they grant. For developers and cybersecurity professionals, it highlights the urgent need to fortify mobile app security, particularly in areas like accessibility services, which have become a favored conduit for malicious actors.

WRITTEN BY DR. KLAUS SCHENK

Dr. Klaus Schenk is senior vice president of security and threat research at Verimatrix and serves as head of its VMX Labs.