Technology
Beware of a new Android threat targeting your photos and texts without even opening them
What is malware?
Kurt ‘CyberGuy’ Knutsson discusses how to protect yourself from malware and ransomware.
Another day, another malware threat is trying to get your data.
Well, brace yourself, because there’s a virus that’s been around for a while that’s out there that’s gotten even worse.
It’s called XLoader, and it’s after your photos and texts on your Android device. Yes, you heard that right.
Your precious memories and messages are in danger of being snatched by this malicious software.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER
Android phone. (Kurt “CyberGuy” Knutsson)
What is malware?
Malware is technically any software that’s designed to disrupt the system of its intended target. With malware, the person or entity behind the attack can gain access to your data, leak sensitive information, block you out and take control of other aspects of your privacy and security.
MORE: TIPS TO FOLLOW FROM ONE INCREDIBLY COSTLY CONVERSATION WITH CYBERCROOKS
What is the XLoader malware strain?
According to McAfee, the XLoader malware — also known as MoqHao — has been around since 2015, targeting Android users in the U.S., Europe and Asia. Once it’s on your device (which it’s gotten much better at doing), it’s able to run in the background, taking your sensitive data, whether it be photos, text messages, contact lists, hardware details and more.
Hacker typing on a laptop. (Kurt “CyberGuy” Knutsson )
MORE: BEWARE OF NEW ANDROID MALWARE HIDING IN POPULAR APPS
How does XLoader get onto your device?
One of the reasons XLoader is such a major threat is because, unlike its previous strains and other malware, it can get on your device that much easier than before. Generally, malware gets onto your device via a phishing scam. However, because people are more skeptical about opening or clicking on suspicious files or links — and because there are integrated apps that help warn you of these files — it’s more difficult for these traditional phishing scams to be effective, but XLoader has gotten clever.
First, you receive a text from an unknown sender
Like ordinary malware, XLoader often spreads through malicious links sent via text messages. This is a unique type of phishing scam known as “smishing.” However, scammers are aware that most people don’t click on texts from people they don’t know. So, another way they attempt to be successful at this is by first gaining access to a phone number that has your number in their contacts, and they target you that way. You won’t think twice when you receive a text from someone you know. Once it gets past this step, XLoader can get onto your Android device in two ways:
1: You click on the link which leads to downloading the APK file
Next, the unsuspecting victim would see a link in the text message. The link may look less suspicious than typical malware links because they are typically shortened and look less spammy and more legitimate, like a link that someone you know would send you.
A RANSOMWARE REALITY CHECK AS US IS A TOP TARGET OF ATTACKS
If you end up clicking on this link, it will direct you to download an Android APK file (standard file format for Android), which are files that are used to sideload apps outside the official Google Play Store. This method, therefore, bypasses Google’s security measures and increases the risk of malware infections. It can happen in a matter of seconds, and if you click “install,” then the XLoader malware will be on your phone before you know it.
Once the malicious APK is downloaded and installed, XLoader can launch on its own without any further action from the user, silently running in the background and performing its malicious activities.
2: You launch the app yourself, but fall for a Google Chrome decoy
If you decide you want to launch the app directly on your own, XLoader is already there waiting for you by impersonating Google Chrome. When you click “launch,” the XLoader malware displays a very familiar-looking Chrome pop-up that will first ask you to grant it permissions by clicking “allow” or “deny.” If you click “Allow” (thinking it’ll lead you to the “app”), you’ll be unknowingly giving it access to your SMS.
Afterward, it will even display a pop-up that says, “Choose Chrome to prevent spam,” giving you two options — your default SMS app or Chrome. Because these decoy pop-ups replicate Google’s style completely, it gives the user a false sense of security that it can be trusted.
Once it’s there, it can grab your photos, texts and other sensitive data on your Android, most of the time, without you even realizing it.
Google Chrome decoy. (McAfee)
6 ways to protect your Android from XLoader and other malware
Now that you know what XLoader is and how it gets onto your Android device, be sure not to click on any links in text messages that are unusual. If the text came from someone in your contacts, reach out to them directly (via phone call or messaging on another app) and confirm that they meant to send you it before clicking on it. Here are some other ways to protect yourself from XLoader and other malware attempts.
1. Avoid sideloading apps and shortened URLs: Refrain from sideloading apps (installing apps from unofficial sources) and clicking on shortened URLs in messages, as these are common vectors for malware distribution.
2. Be careful granting permissions: Exercise caution when granting permissions to apps. The question is whether an app truly needs access to certain device functions or data.
3. Limit the apps you have on your phone: Sometimes, having a lot of apps on your phone can make it easy for you to be exposed to malware. These apps can let in malicious code over time, and the more apps you have to keep track of and update, the more likely your Android will be vulnerable.
4. Only download reputable apps: Additionally, when you download apps, make sure they are from reliable and legitimate developers. Check reviews and do some research before just hitting “install.”
5. Don’t neglect software updates: Your phone has a way of keeping itself safe with software and security updates. Don’t forget to do them.
6. Have good antivirus software on all your devices: The best way to protect yourself from malware like this Xloader virus is to install antivirus protection on all your devices. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links that may install malware on your devices, allowing hackers to gain access to your personal information. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
Kurt’s key takeaways
Malware is, unfortunately, inevitable. As we become more educated about how to prevent these threats, the hackers creating them are always working on ways to outsmart us, while the malware itself becomes more sophisticated. This new strain of XLoader is just one example of that. And, while it’s currently focused on targeting Android users, it’ll likely be just a matter of time before it begins targeting Macs and other devices.
The best way to protect yourself, therefore, is to stay up-to-date with the latest cybersecurity trends and ensure your devices have good antivirus protection. Additionally, continue best practices for protecting yourself from suspicious links and downloads.
How stressed are you these days with malware like XLoader or other types of viruses trying to steal your data? Should more be done to stop these crooks? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover.
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
The original Switch is officially Nintendo’s best-selling console of all time after surpassing the DS handheld in lifetime sales. In its latest earnings release, Nintendo reports that the Nintendo Switch has, as of December 31, 2025, sold 155.37 million units since its launch in 2017, compared to 154.02 million units for the 2004 Nintendo DS.
In November, Nintendo reported that the Switch and DS were neck and neck. We expected the holiday sales period would see the Switch surpass the DS, even with Nintendo announcing that primary development would focus on the Switch 2. Nintendo previously said that it would continue to sell the original Switch “while taking consumer demand and the business environment into consideration.”
Nintendo has to keep selling the Switch if it wants to dethrone Sony’s PlayStation 2 as the best-selling video game console of all time. The PlayStation 2, discontinued in January 2013, sold more than 160 million units over its 13-year lifespan.
Demand for the Switch 2 accelerated over the holidays, with Nintendo reporting 7.01 million units sold during the quarter covering October through December, compared to 4.54 million units in the previous quarter. In total, the Switch 2 has now sold 17.37 million units since it launched in June 2025, taking less than a year to surpass the Wii U’s 13.7 million lifetime sales.
The Switch 2 launch has helped Nintendo to drive a 51 percent increase in net profit over the first nine months of FY26, reaching ¥358.86 billion (about $2.31 billion). Net sales almost doubled during the same period, jumping to ¥1.906 trillion (about $12.2 billion) compared to ¥956.2 billion ($6.1 billion) last year. Looking ahead, Nintendo maintains its forecast to sell 19 million Switch 2 units by the end of this financial year.
NEWYou can now listen to Fox News articles!
Artificial Intelligence and data centers have been blamed for rising electricity costs across the U.S. In December 2025, American consumers paid 42% more to power their homes than ten years ago.
“When you have increased demand and inadequate supply, costs are going to go up. And that’s what we’re experiencing right now,” Exelon CEO Calvin Butler said.
TRUMP SAYS EVERY AI PLANT BEING BUILT IN US WILL BE SELF-SUSTAINING WITH THEIR OWN ELECTRICITY
In 2024, U.S. data centers used more than 4% of total U.S. electricity consumption according to the International Energy Agency. That equates to as much electricity as the entire nation of Pakistan uses annually. U.S. Data Center consumption is expected to grow by 133% by the end of the decade, using as much power as the entire country of France.
“We’re headquartered in Chicago, and we’re the owner of ComEd, the fourth-largest utility in the nation. ComEd’s peak load is roughly 23 gigawatts. We have had data center load come onto the system, but by 2030, we’ll be at 19 Gigawatts,” Butler said.
Artifical intelligence data centers in the U.S. used more than 4% of the total U.S. electricity consumption, according to the International Energy Agency. (Exelon)
Commonwealth Edison has experienced a dramatic increase in data center connection requests. The potential projects total more than 30 gigawatts and are expected to come online between now an 2045.
“Our growth is unprecedented in the last several decades. So, with the data center advent and the technology coming, we’ve been forced to serve that load, which is our responsibility,” Butler said. “But what we also have to do is build new generation supply, which is not keeping up with the load that is coming on. And that’s the crunch that we’re in right now.”
IN 2026, ENERGY WAR’S NEW FRONT IS AI, AND US MUST WIN THAT BATTLE, API CHIEF SAYS
Commonwealth Edison is asking regulators for a $15.3 billion 4-year grid update to meet the growing demand. The U.S. overall has increased its grid capacity by more than 15% over the last decade, but many utility companies and energy producers say it is not enough.
“We’re at a stage right now where we’re constrained by electricity,” Commonwealth Fusion Systems CEO Bob Mumgaard said. “You want to make power plants that can make a lot of power in a small package that you can put anywhere, that you could run at any time and fusion fits that bill.”
Zanskar, is the first AI-native geothermal energy company, according to their website. This plant is located in New Mexico. (Zanskar)
Commonwealth Fusion Systems is working to add a new form of nuclear energy to the grid — fusion. It has the same reliable benefits of standard nuclear energy already in use, but does not produce long-lived radioactive waste and carries fewer risks.
“In fusion there’s no chain reaction. The result is helium which is safe and inert and you don’t use it to make anything related to weapons,” Mumgaard said.
US POWER CRUNCH LOOMS AS OKLO CEO SAYS GRID CAN’T KEEP UP WITHOUT NEW INVESTMENT
Commonwealth Fusion Systems says Artificial Intelligence is helping bring fusion energy closer to being a new resource.
“Building and designing these complex machines and manipulating this complex data matter of plasma are all things that we’re still learning and we’re still figuring out how to do,” Mumgaard said. “And that’s an area where we’ve been able to accelerate using A.I.”
Other under-utilized energy sources could soon get a big boost thanks to A.I. Geothermal energy is a small part of the electric grid, because of the high drilling costs and low confidence in where to place infrastructure.
Geothermal and nuclear fusion technology will allow energy to be produced in any weather at any time. (AP)
“If you could drill the perfect geothermal well every single time, like you pick the right spot, you design the right well, you drill the 5,000, 8,000 feet, you hit 400F degree temperatures, that’s incredibly productive,” Zanskar Co-founder Joel Edwards said. “If you could do that every single time over and over and again, geothermal power is the cheapest source of power period.”
Zanskar is working to make the geothermal search more exact. The company uses A.I.-fueled mapping to find untapped resources previously thought non-existent.
“If we could just get more precise in where we go to find the things and then how we drill into the things, geothermal absolutely has the cost curve to come down,” Edwards said. “And that’s sort of what we’re running towards, with A.I. sort of giving us the boost, giving us an edge to do that.”
Both geothermal and nuclear fusion can produce energy in any weather at any time, a component that could have helped ease the grid strain amid the recent winter storm.
“It’s critical, and we’ve been raising that alarm for years now, and I use the analogy that you’re driving a car and your check engine light is on, but you keep driving it, hoping that you’ll keep getting there and keep going, but when it breaks down, you’re going to have a significantly higher cost,” Butler said. “We have to pay attention to what’s going on, and this winter storm – Winter Storm Fern – is indicative of what’s coming.”
Waymo announced a $16 billion investment round aimed at bringing its robotaxi business to more US cities, as well as some overseas markets. The funding round was led by Dragoneer Investment Group, a “crossover” firm known for investing in late-stage tech companies before they go public.
Waymo’s co-CEOs said in a blog post they would use some of the money to buy more vehicles to grow its fleets size, a crucial step as it seeks to launch in at least 20 new cities in 2026. The company currently operates more than 2,500 robotaxis in six US cities. The new funding values Waymo at $126 billion.
Waymo’s latest funding round attracted several new investors, including Dragoneer, Sequoia Capital, and DST Global. Returning investors include Andreessen Horowitz, Abu Dhabi sovereign fund Mubadala, Fidelity Management and Research Company, Perry Creek Capital, Silver Lake, Tiger Global, Temasek, and T. Rowe Price. The company last raised a $5.6 billion in 2024, valuing the company at $45 billion.
Despite their promise to bring down costs by eliminating driver jobs, autonomous ridehail vehicles are enormously expensive. In addition to vehicle purchases, companies must install expensive sensors and computers into each vehicle. The robotaxis need to be monitored by remote operators during trips. And fleet managers handle EV charging, cleaning, and sensor calibration while the robotaxis are offline.
Still, Waymo is one of the few companies to run a paid service with fully driverless vehicles in the US. Amazon’s Zoox is still running free trips in a handful of cities, while Tesla has yet to transition away from using safety monitors in the vehicle.
Pennsylvania State Police unveil advanced patrol vehicle upgrades
Rhode Island economy sends mixed signals to close out 2025, new report finds
SD Lottery Powerball, Lucky For Life winning numbers for Feb. 2, 2026
Here are Tennessee’s connections to Super Bowl 60, including 20 from Titans
2026 NCAA softball preview: Can Texas Tech, NiJaree Canady bounce back?
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Video: Immigration Officers in Minneapolis to be Equipped With Body Cameras
Groundhog Day and Friday the 13th
Russia renews attacks on frozen Ukrainian cities
Judge blocks DHS from ending deportation protections for 350,000 Haitians one day before they were set to lapse
Video: Disappearance of ‘Today’ Host’s Mother Is a Crime, Investigators Say
-
Indiana1 day ago13-year-old rider dies following incident at northwest Indiana BMX park
-
Massachusetts2 days agoTV star fisherman, crew all presumed dead after boat sinks off Massachusetts coast
-
Tennessee3 days agoUPDATE: Ohio woman charged in shooting death of West TN deputy
-
Pennsylvania1 week agoRare ‘avalanche’ blocks Pennsylvania road during major snowstorm
-
Movie Reviews1 week agoVikram Prabhu’s Sirai Telugu Dubbed OTT Movie Review and Rating
-
Politics1 week agoTrump’s playbook falters in crisis response to Minneapolis shooting
-
Austin, TX4 days ago
TEA is on board with almost all of Austin ISD’s turnaround plans
-
News1 week agoTimeline: How the Shooting of Alex Jeffrey Pretti Unfolded
