A few months ago we had news of a new Android malware called xHelper. Like all other similar programs, it wanted to be quietly trusted to release information in an unauthorized manner.
What is Joker, a powerful malware that affects Android apps
Google explains in its blog what it is and how Joker works, a powerful malware that affects Android apps and subscribes to Primum services.
Now, after doing some research, the company Malwarebyte has discovered that this particular malware can survive in the form of our mobile memory, something we haven't seen yet.
What happened to malH xper malware
With the help of a user who had an infected cell phone (most of the more than 33,000 cases occurred in the United States), company engineers found that the malware was not only installed as a malicious app, but also installed certain folders in mobile memory.
This explains why after removing the app with the active antivirus, it reappeared after an hour without the user doing anything.
These folders have files that automatically run when xHelper is not installed, running malware again. They were all like they started with a text com.mufc.
How to remove xHelper
The solution has come easily, when the real source of the problem is known. You just have to delete those folders and delete the app. The only additional tip is that while doing so we disable the Google Play store because the malware causes the antivirus to think that this Google app has allowed it to be repeated.
Although they managed to get rid of the system, those in charge of Malwarebyte, such as Nathan Collier, admitted that there was still a lot to know about this new type of attack on Android mobiles, especially how the malware would install the system to make it think that the memory location should not have been removed from the factory reset.
Five questions to ask yourself are malware / security on Android
Concerned about malware or security issues on Android? Find five questions to ask yourself to forget all your fears.
