There’s a new malware making the rounds, known as xHelper which uses a clever mechanism that allows it to reinstall itself on the infected device, making it almost impossible to remove.
The first reports of xHelper infections emerged in March when a few hundred devices were affected, but now it is estimated that the number of infected smartphones exceeds 45 000 Android smartphones according to Symantec.
Symantec’s report notes that xHelper operators manage to infect devices by redirecting victims to websites that offer third-party apps and that are not found in the Play Store. So at the time of publishing this story, xHelper wasn’t found on Playstore.
While this malware does not focus on data destruction or theft, researchers who have analyzed it conclude that the Trojan is capable of displaying pop-up ads and spam notifications in an intrusive and persistent manner. These ads and notifications invite victims to install other third-party apps – so it’s likely that xHelper operators will earn revenue for each installation of the promoted apps.
The behavior of xHelper has impressed the researchers, as they discovered that, unlike other variants of mobile operating system malware, xHelper is able to install itself as a standalone service after the installation of a malicious app. Due to this feature, uninstalling the initial app will not remove this malware from the infected device.
Users who successfully removed the malware only did so by using paid antivirus apps as reported by Symantec. People who find it hard to part with their dollars to buy antivirus will have to contend with xHelper’s annoying ads. As a parting word, Symantec gave the following advice to smartphone users:
We advise users to take the following precautions:
- Keep your software up to date.
- Do not download apps from unfamiliar sites.
- Only install apps from trusted sources.
- Pay close attention to the permissions requested by apps.
- Install a suitable mobile security app, such as Norton or Symantec Endpoint Protection Mobile, to protect your device and data.
- Make frequent backups of important data.