Android malware that resists factory resets has infected over 45,000 devices in 6 months

Written 7 months ago by IanDorfman

Android users have another malware scare to stay vigilant against, with over 45,000 unique devices already infected.

Called xHelper, the malware comes in two know variants: semi- or full-stealth, with no app icon or shortcut created in either variant. Because of this, malicious activities can be performed without the user even noticing.

xHelper is only launched by external events like plugging or unplugging it from a power source, restarting it, or the installation or removal of an app. By running as a foreground service, its chances of being terminated due to high CPU use are lowered.

According to Symantec, no samples of the malware can be found on software hosted on the Small Google Play Store iconGoogle Play Store, instead coming from unknown third party sources. While more info is being researched, make sure to only download software you trust. Additionally, whenever you install software, make sure you know what permissions you're giving it in terms of accessing data and controlling your Small Android iconAndroid smart device.

What do you think about the relatively frequent discoveries of malware on Android? Will it impact your decision when it's time to upgrade your phone? Let us know on our Facebook and Twitter pages, or take the discussion to our forums!

Further coverage:
Symantec
Android Central
ZDNet