Over the past couple of years, reports of malware affecting Android devices have skyrocketed. We’ve had the Agent Smith malware, ZooPark, QR code apps that were actually malware, Skygofree, and just so many others. Now, there’s yet another strain of malware affecting Android devices, and this one, reports suggest, is basically unremovable.
The xHelper malware basically gets installed in situations where users are trying to sideload untrusted apps using fishy websites. The sideloaded app installs the malware on the device, after which it can do whatever the developers want it to do.
So far, it seems that the malware is showing ads and spam notifications to earn revenue by spamming users, but security researchers warn that the malware has the ability to install secondary payloads on infected devices — these payloads can be anything. From DDoS modules, to password stealers.
What’s even more worrying perhaps, is the fact that the malware is nearly unremovable. Affected users are reporting that the malware automatically reinstalls itself after being deleted, and somehow is able to reinstall even after a factory reset. Antivirus software have been mostly unsuccessful at removing the malware as well, with some users reporting that their antivirus was able to remove the malware, but others reporting that it isn’t even detecting the malware on their devices.
Reports about the malware have been doing rounds on the internet for a few months, with people discussing its unremovable state on Reddit, Play Store Help, and other Android forums.