xHelper Trojan was discovered in 2019 and had quickly become infamous for being the malware that was impossible to remove. A Kaspersky report says that as of March 2020, the malware has infected nearly 55,000 Android devices, with many more still under its threat.
What Makes it Impossible to Remove?
The way this Trojan works, after it is installed, it runs a series of downloads of other malicious files, including one known as Triada. Triada provides xHelper with root access of the device, which is the reason it becomes almost impossible to remove.
The malware module installed in the system folder simply reinstalls the deleted applications.
Even if a user performs a factory reset of their Android device, the malware still manages to creep back into the device. It is unknown how xHelper manages to evade a factory reset.
xHelper is particularly dangerous because it creates a backdoor that the attackers can use to execute commands as if they’re a superuser, as well as gain access to all app data.Igor Golovin, Malware Analyst at Kaspersky
How to Protect Your Device
- The best way to protect your devices from these kinds of malware is to only install applications from trusted sources. Don't sideload apps from third-party sources on the web.
- Install powerful antivirus software on your device that regularly scans for new malware and trojans. Antivirus companies are working regularly to make sure their software can safeguard your devices from these kinds of trojans.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)