Android users warned about ‘unkillable’ malware that lives FOREVER on Google phones

2 min

15 shares, 90 points

First human landing on Mars could take place ‘this decade’ claims space expert

Android users have been given a warning about an ‘extremely dangerous’ Google phone app (Image: GOOGLE • GETTY)

Android fans have been put on alert about an “unkillable” malware strain which can live on your Google phone forever. Android is one of the most used pieces of software in the world, with over 2.5billion active devices installed with the Google mobile OS. To put that in perspective, that’s equivalent to a third of the world’s population – underlining how widely used Android is.

But the hugely popular Google mobile OS is no stranger to security alerts, with Android fans on a regular basis being put on guard about threats.

Just earlier this week Android fans were told to immediately delete an app found on the Google Play Store downloaded over 100million times.

While recently Android users were told to stay away from an app that poses as a way to help you stay informed during the coronavirus pandemic.

Instead of being a helpful tool, upon installation the nefarious app locked devices and demanded a ransom of up to $ 250 to keep users’ data safe.

And now Android fans are being warned once again about a dangerous app for Google smartphones.

Kaspersky Labs discovered the xHelper malware on programmes found on unofficial app marketplaces.

The malware is downloaded under the guise of a “cleaner” app for Android devices.

But once installed it disappears and can nowhere be found on the home screen or in the programme menu.

The only way you can find the nefarious app is by inspecting the list of installed apps in the Android system settings.

In a post online Kaspersky Labs outlined the threat that the malware poses, analysing the Trojan-Dropper.AndroidOS.Helper.h sample.

First human landing on Mars could take place ‘this decade’ claims space expert

Security experts have given a warning about the xHelper malware loaded on some Android apps (Image: GETTY)

Igor Golovin described the Android malware as “extremely dangerous”, capable of accessing all app data after installing a backdoor.

The security expert also outlined how the nefarious malware is capable of reinstalling itself when a user tries to delete it.

Golovin explained: “Simply removing xHelper does not entirely disinfect the system.

“The programme com.diag.patches.vm8u, installed in the system partition, reinstalls xHelper and other malware at the first opportunity.”

“The malware analyst went onto add: But if you have Recovery mode set up on your Android smartphone, you can try to extract the file from the original firmware and replace the infected one with it, before removing all malware from the system partition.

“However, it’s simpler and more reliable to completely reflash the phone.

“Bear in mind too that the firmware of smartphones attacked by xHelper sometimes contains preinstalled malware that independently downloads and installs programs (including xHelper).

“In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

“If you do use a different firmware, remember that some of the device’s components might not operate properly.”

The xHelper malware threat underlines the danger of using unofficial app marketplaces and the importance of having good Android antivirus software.

Summing up, Golovin said: “In any event, using a smartphone infected with xHelper is extremely dangerous.

“The malware installs a backdoor with the ability to execute commands as a superuser.

“It provides the attackers with full access to all app data and can be used by other malware too, for example, CookieThief.”

Like it? Share with your friends!

15 shares, 90 points

What's Your Reaction?

hate hate
confused confused
fail fail
fun fun
geeky geeky
love love
lol lol
omg omg
win win

Read exclusive latest news on entertainment, music, gaming and more topics with unprecedented coverage from around the UK and US.


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.