Stealth Backdoor “Android/Xamalicious” Actively Infecting Devices


The open-source platform Xamarin, which enables the development of iOS and Android apps using.NET and C#, was used to design an Android backdoor that was discovered by the McAfee Mobile Research Team. Dubbed Android/Xamalicious, it uses social engineering to attempt to obtain accessible capabilities before establishing communication with the command-and-control system.

server to determine whether or not to download a second-stage payload that is dynamically injected as an assembly DLL at runtime level in order to gain complete control of the device and possibly carry out fraudulent activities, including installing apps and clicking on advertisements, among other financially motivated actions carried out against the will of the user.

Read More…