Skip to main content
  1. Home
  2. Mobile
  3. News

Android malware keeps returning even after factory reset through Google Play

By

Cybersecurity firm Malwarebytes revealed a form of Android malware that keeps returning even after performing a factory reset on a smartphone.

Recommended Videos

Malwarebytes discovered the Android trojan named the xHelper in May 2019. The malware is capable of installing itself on an Android device without notifying the owner, then receives remote commands and downloads additional malware into the infected smartphone or tablet.

Related

Unfortunately, it appears that xHelper is still evolving. Amelia, an Android device owner, reached out to the Malwarebytes support forum to seek help for a curious case.

Amelia was able to remove two variants of xHelper and a trojan agent from her Android device through Malwarebytes’ app. However, xHelper kept coming back less than an hour after it was removed, even after Amelia performed a factory reset on her phone.

In Malwarebytes’ investigation, the first suspect for the returning xHelper was pre-installed malware, which was a possibility because Amelia’s phone was made by an unnamed, lesser-known manufacturer. However, after Amelia was guided through the process of checking if this was the case, xHelper did not go away.

Malwarebytes then noticed that the source of installation for xHelper was Google Play. When the service was deactivated, the re-infections of the malware stopped.

The firm determined that Google Play itself was not infected with malware, but it was triggering the re-installation of xHelper. They then discovered an Android application package hidden inside the phone’s files that serves as a trojan dropper. Directories and files, including the APK, remain on an Android device even after a factory reset, unlike apps, which is how xHelper keeps infecting the phone. The method for installing the APK through something triggered by Google Play, however, is still under investigation.

Malwarebytes, which detailed a step-by-step guide for removing xHelper malware, tagged Amelia’s case as a “new era in mobile malware,” as a factory reset is usually the last, but effective, option in cleaning an infected device. Fortunately, Amelia “was as persistent as xHelper itself” in searching for the truth behind the case.

Hackers are continuously evolving, taking advantage of technology and current events for their attacks. As always, people should remain vigilant against cybersecurity threats and are recommended to reach out to experts for any suspected security risks.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
I already damaged my Apple Watch Series 10
i already damaged my apple watch series 10 dt 1

I don’t think I’m clumsy, but I swing my arms a lot and still grimace every time a smartwatch on my wrist hits an immovable object. Yet, for all this movement, I’ve never managed to deeply scratch or lightly crack an Apple Watch display … until now.

The Apple Watch Series 10 doesn’t have many compromises over the Apple Watch Ultra 2, and I even made the switch permanently before this happened. It’s big, thin, and beautiful, but the Apple Watch Series 10 also uses a less durable protective shield for its display.

Read more
The Amazon Kindle Colorsoft’s display issue just got worse
Front profile of the Amazon Kindle Colorsoft Signature Edition

If you recently ordered a Kindle Colorsoft Signature Edition, there's been some unfortunate news. As reported by Good e-Reader, Amazon is temporarily halting shipments of its first color Kindle due to display issues.

As Digital Trends reported earlier, some early users of the Kindle Colorsoft have reported a discolored yellow area at the bottom of the screen. This problem has significantly impacted user reviews, resulting in an average rating of only 2.7 out of 5 on the Amazon website.

Read more
Best Amazon Fire tablet deals: Save on Fire HD 8, Fire Max 11 and more
The Amazon Kindle Fire Max 11's Home screen.

A tablet can make a nice addition to one’s device ecosystem, and shopping the best tablet deals is a great way to take a tablet home with some savings. And whether you prefer a new tablet for reading books, browsing the web, or watching your favorite movies, the Amazon Fire Tablet lineup is full of affordable options. There almost as many Amazon Fire Tablet deals out there right now as there are Fire Tablet models, and we’ve rounded up all of the best Amazon Fire Tablet deals below. If you're looking for something more specific to reading e-books you can check out today’s Kindle deals, or the current Samsung tablet deals, iPad deals, and Microsoft Surface Laptop and Surface Pro deals have a lot to offer if a more professionally-minded tablet sounds right for you.
Amazon Fire HD 8 -- $55 $100 45% off

If you just need a basic tablet for simple functions such as browsing the internet, doing online shopping, and watching streaming shows, the incredibly affordable Amazon Fire HD 8 may be enough. It's not going to wow you with its performance, as it's only equipped with 2GB of RAM with limited storage of 32GB, but it's got an 8-inch touchscreen with HD resolution and built-in support for Amazon's Alexa, so if that's all you need, go for the Amazon Fire HD 8.

Read more