Skip to main content
  1. Home
  2. Mobile
  3. News

Android malware keeps returning even after factory reset through Google Play

By

Cybersecurity firm Malwarebytes revealed a form of Android malware that keeps returning even after performing a factory reset on a smartphone.

Recommended Videos

Malwarebytes discovered the Android trojan named the xHelper in May 2019. The malware is capable of installing itself on an Android device without notifying the owner, then receives remote commands and downloads additional malware into the infected smartphone or tablet.

Related

Unfortunately, it appears that xHelper is still evolving. Amelia, an Android device owner, reached out to the Malwarebytes support forum to seek help for a curious case.

Amelia was able to remove two variants of xHelper and a trojan agent from her Android device through Malwarebytes’ app. However, xHelper kept coming back less than an hour after it was removed, even after Amelia performed a factory reset on her phone.

In Malwarebytes’ investigation, the first suspect for the returning xHelper was pre-installed malware, which was a possibility because Amelia’s phone was made by an unnamed, lesser-known manufacturer. However, after Amelia was guided through the process of checking if this was the case, xHelper did not go away.

Malwarebytes then noticed that the source of installation for xHelper was Google Play. When the service was deactivated, the re-infections of the malware stopped.

The firm determined that Google Play itself was not infected with malware, but it was triggering the re-installation of xHelper. They then discovered an Android application package hidden inside the phone’s files that serves as a trojan dropper. Directories and files, including the APK, remain on an Android device even after a factory reset, unlike apps, which is how xHelper keeps infecting the phone. The method for installing the APK through something triggered by Google Play, however, is still under investigation.

Malwarebytes, which detailed a step-by-step guide for removing xHelper malware, tagged Amelia’s case as a “new era in mobile malware,” as a factory reset is usually the last, but effective, option in cleaning an infected device. Fortunately, Amelia “was as persistent as xHelper itself” in searching for the truth behind the case.

Hackers are continuously evolving, taking advantage of technology and current events for their attacks. As always, people should remain vigilant against cybersecurity threats and are recommended to reach out to experts for any suspected security risks.

Editors' Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
Stalking apps: Google deletes 7 Android trackers from the Play Store
how to send money on facebook smartphone friends internet connection

While there are already a bunch of legitimate apps and services that can let you know the whereabouts of family or friends, there are also a few sinister variations that let abusive types spy on partners, among others.

Antivirus firm Avast revealed on Wednesday that its researchers recently uncovered seven so-called “stalkerware” apps on the Google Play Store, all of which have now been removed by the web giant.

Read more
iPad Pro (2024) vs. iPad Pro (2022): a surprisingly big upgrade
Comparison of 2024 iPad Pro with 2022 iPad Pro.

The iPad Pro 2022 (left) and iPad Pro 2024 Apple

After years of waiting, Apple finally delivered what many are calling the ultimate form of the iPad Pro. The 2024 refresh of the iPad Pro is no regular iterative update. In fact, it even leapfrogs the Mac by serving as the introductory platform for next-gen silicon. It is the thinnest machine Apple has made so far, and it truly looks breathtaking from an engineering perspective.

Read more
What is 5G? Speeds, coverage, comparisons, and more
Someone using the Moto G Stylus 5G (2024).

For years, 5G mobile networking has been the golden goose egg that many mobile device manufacturers and carriers have been striving for. And now more than ever, that dream is very much a reality. 5G connectivity can be found on everything from iPhones to Android hardware, and even some third-party mobile devices. But is there really that big of a difference between 5G and 4G/LTE? The simple answer is yes, but nothing’s ever just black and white, especially when we’re talking about consumer tech. 

Not to worry though: We’ve been researching and working with 5G devices for a long time here at Digital Trends. To help you through the weeds on the subject, we’ve put together this 5G guide to give you all the mobile know-how you’ll need. 
What is 5G?

Read more