fbpx
perm_phone_msgConsider your business risks? Chat With US

‘Unkillable’ Android malware can take over your phone: What to do | Tom’s Guide

Ransomware BCyber todaySeptember 12, 2020 58

Background
share close

Back in October, we warned you of a particularly nasty strain of Android malware called xHelper that had already infected 45,000 phones and seemed to be nearly impossible to remove. Even factory resets didn’t help. 

Now researchers from Kasperky have figured out just how xHelper makes itself “unkillable,” and also how to, well, kill it.

The xHelper Trojan, which “disguises itself as a popular cleaner and speed-up app,” behaves like a matryoshka, a Russian nesting doll, using a multi-stage infection process, Kaspersky’s Igor Golovin wrote in a blog post earlier this week. 

The end result is infection by Triada malware, which Kaspersky once called “organized crime on Android.” This new version of Triada embeds itself deep in the Android system partition, from which it can re-install itself and other malware after a factory reset. 

And because at least three of the malicious apps involved in the xHelper/Triada infection process are “droppers” meant to install pretty much anything on a phone, you’ll be at risk from all sorts of malware.

What to do if you’re infected by xHelper

From there, Golovin writes, the only option is to completely reflash the phone’s firmware, which may be beyond the ken of many Android users. 

However, researchers at Malwarebytes show how to remove at least one variant of xHelper by using a file-manager app and one of the best Android antivirus apps. 

Either method may be “pointless” in some cases, Golovin writes, because “the firmware of smartphones attacked by xHelper sometimes contains preinstalled malware that independently downloads and installs programs (including xHelper).”

The good news is that xHelper seems to affect primarily cheap Chinese-made smartphones running Android 6 Marshmallow or Android 7 Nougat, and which get their apps from sources other than the official Google Play store. 

If you’re using a flagship or a mid-range Android phone, you’ve left the settings alone so it doesn’t accept apps from “unknown sources,” and, yep, you’re running one of the best Android antivirus apps, you’re probably in the clear.  

Today’s best Bitdefender Mobile Security deals

This content was originally published here.

Written by: BCyber

Rate it
Previous post

Similar posts

Ransomware BCyber / October 19, 2020

Ad-light, Malware-heavy # Chris Dzombak

Ad-light, Malware-heavy Since December 17, Forbes has been running an experiment wherein some fraction of visitors who are running ad blockers are blocked from accessing Forbes articles until they disable their ad blocker. In exchange, Forbes promises an “ad-light experience”: A Forbes article published yesterday claims that this interstitial resulted in 42.4% of visitors turning ...

Read more trending_flat