New Android threat sends your photos, texts, contacts, hardware data and more to a foreign server

admin, 25 February 2024

According to BleepingComputer, a new version of the XLoader malware (aka MoqHao) is making the rounds. Previously, this malware was spotted in the United States, United Kingdom, Germany, France, Japan, South Korea, and Taiwan. The malware is delivered via SMS text messages containing a shortened URL, and XLoader can launch immediately after installation. This allows the malware to run in the background undetected while personal data is stolen.

McAfee says: “During application installation, their malicious activity starts automatically. We have already reported this technique to Google and they are already working on implementing mitigations to prevent this type of automatic execution in a future version of Android.”

The malicious apps display permission requests that pretend to come from Google Chrome, asking for permission to send and view SMS (text) messages and to let “Chrome” run in the background. The final blow is a request to make “Chrome” your default SMS application. Once it has obtained all these permissions, the malware sends photos, text messages, contact lists and information about the hardware you are using (including your phone's unique IMEI number) to the control server. Yes, it's very scary.
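For anyone reviewing a fleet of phones, the pattern above (an app that calls itself Chrome, wants SMS access, wants to run in the background and takes the default SMS role) can be checked against an app inventory. The following is an added example, not code from McAfee or the original article; the inventory records and their field names are constructed for illustration, while the package and permission names are real Android identifiers.

```python
import unicodedata

# Real Android identifiers: Chrome's package name, the Play Store installer,
# and the permissions matching the requests the article describes.
GENUINE_CHROME = "com.android.chrome"
PLAY_STORE = "com.android.vending"
SMS_PERMS = {"android.permission.SEND_SMS", "android.permission.READ_SMS",
             "android.permission.RECEIVE_SMS"}
BACKGROUND = "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"

def normalize_label(label):
    """Fold compatibility forms and drop invisible format characters."""
    folded = unicodedata.normalize("NFKC", label)
    return "".join(c for c in folded
                   if unicodedata.category(c) != "Cf").strip().casefold()

def assess(app):
    """Return the reasons an app matches the fake-Chrome pattern ([] if none)."""
    if normalize_label(app["label"]) != "chrome" or app["package"] == GENUINE_CHROME:
        return []
    reasons = ["label reads 'Chrome' but package is " + app["package"]]
    sms = sorted(SMS_PERMS & set(app["permissions"]))
    if sms:
        reasons.append("requests SMS access: " + ", ".join(sms))
    if BACKGROUND in app["permissions"]:
        reasons.append("asks to run in the background unrestricted")
    if app["default_sms"]:
        reasons.append("holds the default SMS app role")
    if app["installer"] != PLAY_STORE:
        reasons.append("not installed by the Play Store (sideloaded)")
    return reasons

def triage(inventory):
    """Map package name -> reasons for every app that raised at least one."""
    return {a["package"]: r for a in inventory if (r := assess(a))}

# Constructed sample inventory; field names are hypothetical.
INVENTORY = [
    {"label": "Chrome", "package": GENUINE_CHROME, "installer": PLAY_STORE,
     "permissions": ["android.permission.INTERNET"], "default_sms": False},
    {"label": "Chrome\u200b", "package": "com.example.fakebrowser", "installer": None,
     "permissions": ["android.permission.SEND_SMS", "android.permission.READ_SMS",
                     BACKGROUND], "default_sms": True},
    {"label": "Messages", "package": "com.example.sms", "installer": PLAY_STORE,
     "permissions": sorted(SMS_PERMS), "default_sms": False},
]

if __name__ == "__main__":
    for package, reasons in triage(INVENTORY).items():
        print(package, *reasons, sep="\n  - ")
```

The label normalisation only handles compatibility forms and invisible characters; look-alike letters from other scripts would need a separate confusables check.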

McAfee claims that because minimal interaction is required from the victim, the new XLoader malware is even more dangerous than its predecessor. There is some good news. A McAfee update from a few weeks ago indicates that Android devices with Google Play Services are protected against attacks from this type of malware by Google Play Protect, which is enabled by default.

There are, however, a few things to remember here. Never click on a shortened URL found in a message. And never sideload an app.