Skip to main content

New Android Malware Threat: xHelper

N

Nyakundi Report

Newsroom 2 min read

This archive report was first published on 30 October 2019.

Published on October 30, 2019, a new Android malware has been identified, posing a significant threat to users who sideload apps.

xHelper, first spotted in March, has reportedly infected over 45,000 Android devices worldwide, with a significant presence in India, the US, and Russia.

The Trojan has risen to the top 10 list of most detected mobile malware, with cybersecurity firms Symantec and Malwarebytes observing a surge in detections.

According to Symantec, the malware has shown a concerning level of persistence, with an average of 131 devices infected each day and 2,400 persistently infected throughout the month.

Users have reported that uninstalling the app, performing soft and hard factory resets, and disabling the 'Install apps from unknown sources' option do not work, as the setting keeps turning itself back on, and the device is reinfected in a matter of minutes.

The primary source of the infection is unknown, but Symantec believes it may be downloaded from unknown sources, while Malwarebytes researchers suspect it's being spread via shady game websites that trick users into downloading apps from untrusted third-party sources.

xHelper takes its stealth behavior to new heights by not creating an app icon or a shortcut icon on the home screen launcher, making it difficult to detect.

Fortunately, the Trojan does not carry out destructive operations, only showing intrusive popup ads and notification spam.

Be the first to react

Support

Support this reporting

M-Pesa support recorded against this story.

Send support →

Stay close

Get the briefing

Major updates by email. No spam.

Get email brief →

Share

Save share card

Download a clean portrait card for sharing.

Save image →