Xhelper Android malware infects over 45,000 smartphones and is virtually non-removable

Phones might generally be considered safer when we talk about viruses and malware, but this is definitely not the case anymore. There are numerous malware and trojan apps designed specifically for targeting Android smartphones. One such Android malware called Xhelper has now been reported of infecting 45000 devices. As per a new Symantec report, the malicious persistent Android dropper app was first spotted in March 2019 and while its code was relatively simple at the time with the main function being visiting advertisement pages for monetization purposes, its code has changed over time. The app now hides its icon, displays ads, can download other infected packages, and more. What’s even more concerning is that the malware can auto-reinstallation, even if it is removed or if the infected device is reset.

The report mentions that around 45000 devices have been infected by the Xhelper malware until now and in the past month, about 131 devices were infected every day. An average of 2,400 devices are being infected by it in a month. The malware samples analysed by Symantec were not available on the Google Play Store and the app might have been downloaded by users from unknown sources. Additionally, the developers of this malware might be targeting some specific smartphone brands, since it was found more frequently on certain handset brands. Since the malware keeps installing itself even when the device is reset, researchers at Symantec are doubtful that another system app in such phones might be the culprit. Considering how most phone manufacturers load bloatware on their offerings, we won’t be surprised if this turns out to be true. 

As for keeping your device safe from Xhelper malware, Symantec suggests updating your device’s software. Also, the golden rule of not installing apps from unofficial sources also works since trusted sources like Google Play Store are less likely to host malware-laden apps. One should also be wary of the permissions being requested by an app and disabling permissions it doesn’t need to work. These are precautions and there’s no method mentioned by Symantec to get rid of the Xhelper malware



from Latest Technology News https://ift.tt/2No8ksf
via IFTTT

Comments