Android continues its daily struggle to eliminate malware from its system.
Discovered last year, it has now been made known to malware that resists until factory restoration.
When malware is discovered on the Android system, it usually ends up being easily eliminated by simply uninstalling the infected application, manually deleting the files or, ultimately, doing a system restore. However, for one of the latest malware discovered for Android, this may no longer be enough.
Discovered last year, xHelper is a malware for the small Android system, only present on about 33 thousand devices and centered in the United States. This works like a Trojan to execute commands remotely, thus allowing the installation of applications.
However, according to an investigation by the Malwarebytes, this may be more complex malware than it initially appeared. When trying to delete these files, the researchers realized that they automatically reinstalled themselves after an hour, in exactly the same directory. To make matters worse, not even a factory restoration is sufficient, since it will also be reinstalled shortly after starting the system.
Malware relies on the Play Store to reinstall itself
When investigating more about this problem, it was realized that the source of the problem is in a series of folders that store the APK and run it shortly after the system starts. At first, it was thought that these files were stored on the microSD card. However, since it also happened on equipment that did not support storage expansion, this was an abandoned theory.
It was then realized that there was a connection of this malware to the Play Store, which is the source for reinstalling these files. In addition, storage may be done in permanent system folders, which store files essential to the equipment's operation and which should only be available to Google and Android.
For now, the solution is to disable the Play Store application and subsequently delete xHelper folders manually.
Thus, it is discovered what is considered the most resistant malware ever in the Android system, for which researchers are still looking for a more effective solution.