It spread through Google Play, in addition to other third-party app stores:
In a blog post written by the McAfee Mobile Research Team blog post, they said it identified about 25 different malicious apps that contain the threat, 13 of which were distributed on Google Play, some since mid-2020.
Some of the apps affected by Xamalicious malware include Essential Horoscope for Android (100,000 installs), 3D Skin Editor for PE Minecraft (100,000 installs), Logo Maker Pro (100,000 installs), Auto Click Repeater (10,000 installs), Count Easy Calorie Calculator (10,000 installs), Dots: One Line Connector (10,000 installs), and Sound Volume Extender (5,000 installs), amongst others.
Strange they haven’t identified who was responsible yet, I mean to get this code into your app surely the first lead would be the developer right?