This evil Android malware has one devious USP — it doesn’t even need to be opened to start stealing all your photos and files

Security researchers have spotted new Android malware that doesn’t even need user interaction to launch. However, to become fully operational and run the processes it was designed to do – it still needs the victim’s approval.

Cybersecurity researchers from McAfee said they observed a new version of XLoader, a known Android malware variant that was used in the past to steal sensitive user information from victims in the US, UK, Germany, France, Japan, South Korea, and Taiwan. This new loader is distributed in the same manner as its predecessors – via an SMS message containing a shortened URL, leading to a website hosting the malicious .APK file.