There is a new malware in town XHelper that has infected over 45,000 android smartphones within 6 months… it is a threat because even factory reset cannot fix it.
xHelper malware is only about seven months old, and had already reached MalwareBytes’ top 10 list of malware by August. The app is being distributed via websites that encourage users to sideload apps onto their device. These apps then install the xHelper trojan onto the device.
How does it work?
After installation, the app then proceeds to spam the device with notifications and pop-up ads. The app major activities are seemingly only limited to these prompts encouraging you to download other apps or play online games.
Once the malware is installed on your smartphone, the installation is being mask via encryption… meaning you won’t be able to find the installation on your device. It auto hide itself. No app icon or any form of shortcut icons for the app once installed. How can you uninstall app you can’t even detect in the first place?
xHelper is designed to automatically begin running as a foreground service based on various triggers, such as when the device is booted or the power is connected/disconnected. Once that’s done, even if you uninstall the app that xHelper came with, the malware will continue to reside on your device.
xHelper run like a magic malware on your smartphone, it cannot be uninstall, it cannot be removed or cleared even when you factory reset your smartphone. It is just like the Ebola virus which cure is yet to be found.
How to Prevent it?
Take precautions. Don’t download apps from untrusted sources. Beware of pages that redirect you to other pages to download apps or games.
Remember, once your smartphone is infected with this malware, it cannot be cured.