Quote:An Android trojan first spotted in 2015 has returned five years later with updated capabilities, including a mechanism to uninstall pre-loaded apps to make room for its own malicious purposes.
The Android.Xiny trojan is specifically aimed at devices running older Android – an analysis conducted by Dr. Web reveals that the virus typically targets Android 5.1 and below.
At first glance, this might not seem like a big deal, but the security company points to data shared by Google last year which revealed that Android 5 and earlier were still powering some 25 percent of all Android devices out there. In other words, 1 in 4 Android users might be vulnerable to Android.Xiny attacks.
The updated version of the malware retains the capability of installing apps without user permissions, but this one comes with extra “features.”
Android.Xiny obtains root access on compromised Android devices and enables persistence to launch automatically even after a device boot. It does this by replacing system files /system/bin/debuggerd and /system/bin/ddexe, and waits for instructions from a command and control server.
Read more: https://news.softpedia.com/news/android-...8964.shtml
![[-]](https://www.geeks.fyi/images/collapse.png)
