Hundreds of new variants of malware for mobile devices were detected last year. Among all these malicious developments, one caught the attention of ethical hacking specialists and enthusiasts. Usually known as xHelper, this malware managed to infect about 50,000 Android devices in less than six months, becoming one of the main threats to users of this operating system.
The main feature of xHelper is the difficulty
in being removed from the infected system, as the malware is able to install
itself on the compromised device even if the user performs a factory reset.
After installation, xHelper begins to display invasive advertisements to the
victims; in addition, it is able to install other malicious apps.
Months after its detection, a group of ethical
hacking researchers has finally found a way to completely remove xHelper from
an Android smartphone without using factory reset, so the files stored on the
device will remain secured.
The procedure for removing xHelper is described
the free version of the Malwarebytes app for Android
a File Manager app from Play
Store, ASTRO, for example. This app has a feature to search for files
disable Google Play; for this, go to Settings> Apps> Google Play and tap
scanning your device with the Malwarebytes app, which will remove malware.
Users can also manually uninstall xHelper if they can detect the ‘fireway’ and
‘xHelper’ apps in the list of installed apps. In addition, in case you find two
applications called “Settings”, you should remove the one from the
unrecognized icon, as it is likely to be a malicious file
the newly installed file manager and search for any files that start with
the last modification date of the files. Then delete these files and delete any
other unrecognized files with the same modification date
enable Google Play on your device
Ethical hacking specialists claim that this
method removes any traces of xHelper on the affected device, ensuring that the
malware will not be reinstalled again.
The International Institute of Cyber Security (IICS)
mentions that xHelper infections remain a constant threat in the wild, so the
dissemination of this method can be useful in combating the extent of the
operators of this malware.