Jump to content
Karlston

Nasty Android malware reinfects its targets, and no one knows how

Recommended Posts

Guest

Another way to remove that kind of malware will be through ADB and recovery menu, but that would be for advanced users.

I did this before on my cousin's Asus Zenfone 5 LTE.

Share this post


Link to post
Share on other sites
Akaneharuka

@Edward Raja Hey Edward I have a little bit of topic question.

Do you know the adb command that can remove the google youtube app ? I don`t want it on my phone anymore :( .

Share this post


Link to post
Share on other sites
Guest
13 minutes ago, Akaneharuka said:

@Edward Raja Hey Edward I have a little bit of topic question.

Do you know the adb command that can remove the google youtube app ? I don`t want it on my phone anymore :( .

refer this tutorial:

https://www.xda-developers.com/uninstall-carrier-oem-bloatware-without-root-access/

https://forum.xda-developers.com/android/general/uninstall-apps-via-adb-t3738105

just a warning though, uninstalling system applications can be dangerous so please know what you’re getting rid of before you complete these steps. Failing to do so could result in your phone becoming unusable until you perform a factory reset. Of course, by removing any given system application, another system application that may depend on it may also break so be careful what you remove. But if something does go wrong, you can always perform a factory reset to bring things back to the way they were. 

but if you think it is complicated, just disable it instead of removing.

Share this post


Link to post
Share on other sites
duddy

Android trojan xHelper can reinstall itself after removal and factory reset

 

While xHelper can be removed by antivirus software, it will soon reinstall itself. (Image via Malwarebytes forum user Amelia)

 

 

It seems that there’s always a new piece of malware wreaking havoc in the Android world. Oftentimes, a quick virus scan or factory reset will delete the malicious app and eliminate the threat. However, there is a relatively new trojan that has been able to evade most antivirus measures and reinstall itself, even after a factory reset. 

 

The xHelper trojan, which was discovered in early 2019. The trojan is a rudimentary piece of malware that mainly uses the infected device’s resources to visit ad pages in order to generate revenue. This, in turn, hogs system resources and can rack up data usage, a particularly poignant problem for those on restricted or metered connections. 

 

The biggest problem with xHelper is the sneaky way in which it persists. Upon installation, the trojan buries a dropper deep in the Android file system that is largely ignored by antivirus checks. Even worse, the dropper persists even after a factory reset. The dropper will then reinstall the trojan and drop more malware before uninstalling itself to remain hidden. 

 

While the exact mechanics of how xHelper works are still not fully known, Malwarebytes has devised a plan of action to permanently remove the trojan. If you suspect your device of being infected by xHelper, run a virus scan with any reputable antivirus software. If xHelper pops up, Malwarebytes suggests you follow these steps (from the Malwarebytes blog). Note: these steps were devised with the help of a Malwarebytes forum user by the name of Amelia.

 

Source

 

 

 

Share this post


Link to post
Share on other sites
xkryptonx
Posted (edited)

Fascinating, how it reinstall itself a factory reset. Maybe the developer should learn from it, the mechanism, and make rooting procedure available for most stubborn device. I wonder if it would do what i it is notorious for, on Samsung Snapdragon devices. 

Edited by xkryptonx

Share this post


Link to post
Share on other sites
duddy
5 minutes ago, xkryptonx said:

Fascinating, how it reinstall itself a factory reset. Maybe the developer should learn from it, the mechanism, and make rooting procedure available for most stubborn device. I wonder if it would do what i it is notorious for, on Samsung Snapdragon devices. 

Yeah, really!

How it reinstall itself a factory reset is very perplexing for me too.

Hope, more learned colleagues out here throw some light on this never heard before phenomenon.

Share this post


Link to post
Share on other sites
Karlston

Similar topic merged from Mobile News.

 

(Security news belongs here)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...