News

Easily remove xHelper malware from your Android device

Hundreds of new variants of malware for mobile devices were detected last year. Among all these malicious developments, one caught the attention of ethical hacking specialists and enthusiasts. Usually known as xHelper, this malware managed to infect about 50,000 Android devices in less than six months, becoming one of the main threats to users of this operating system. 

The main feature of xHelper is the difficulty
in being removed from the infected system, as the malware is able to install
itself on the compromised device even if the user performs a factory reset.
After installation, xHelper begins to display invasive advertisements to the
victims; in addition, it is able to install other malicious apps.

Months after its detection, a group of ethical
hacking researchers has finally found a way to completely remove xHelper from
an Android smartphone without using factory reset, so the files stored on the
device will remain secured.

The procedure for removing xHelper is described
below:

  • Install
    the free version of the Malwarebytes app for Android
  • Install
    a File Manager app from Play
    Store
    , ASTRO, for example. This app has a feature to search for files
    and directories
  • Temporarily
    disable Google Play; for this, go to Settings> Apps> Google Play and tap
    “Disable”
  • Start
    scanning your device with the Malwarebytes app, which will remove malware.
    Users can also manually uninstall xHelper if they can detect the ‘fireway’ and
    ‘xHelper’ apps in the list of installed apps. In addition, in case you find two
    applications called “Settings”, you should remove the one from the
    unrecognized icon, as it is likely to be a malicious file
  • Open
    the newly installed file manager and search for any files that start with
    “com.mufc”
  • Enter
    the last modification date of the files. Then delete these files and delete any
    other unrecognized files with the same modification date
  • Finally,
    enable Google Play on your device

Ethical hacking specialists claim that this
method removes any traces of xHelper on the affected device, ensuring that the
malware will not be reinstalled again.

The International Institute of Cyber Security (IICS)
mentions that xHelper infections remain a constant threat in the wild, so the
dissemination of this method can be useful in combating the extent of the
operators of this malware.

You Might Also Like