Until now, when there was a malware or any other threat to our device, we removed it with an antivirus, or installing a patch to close the door. But in the case of this xHelper researchers themselves thinking about how they can put it remedy. Because at this moment he has quite baffled them.
This threat was first detected in March 2019 and became official in May. It is a malware that shows us advertising permanently, inviting us to visit the Play Store to download apps of all kinds. Work that reports a good benefit to its developers thanks to the policies of affiliations with partners. For him they created all kinds of patches and security measures so, in theory, all Android phones should be vaccinated. But it’s not like that. What has happened?
An intelligent virus?
Malwabytes is the name of an antivirus that has made some discoveries about this disturbing xHelper. The first is that it is not useful to make a complete restart of the phone. They have discovered, the virus returns again and again. Although the protection we have installed in the terminal has told us that the system is already clean.
According to the report they have published, they warn us that the source could be in the Android online store: “ Google Play was not infected with malware. However, something inside Google Play was causing the re-infection, maybe something that was stored. In addition, that something could also be using Google Play as a smoke bomb, falsifying it as the source of malware installation when, in fact, it comes from somewhere else. ”
Antivirus company itself, which are security experts, recognize that seeing the evidence of what happened they do not know how xHelper uses Google Play to trigger the infection again. The only explanation they imagine is that “nowhere on the device does Trojan.Dropper.xHelper.VRW [the malware] seem to be installed. We believe it was installed, executed and uninstalled again in seconds to evade detection, all for something triggered from Google Play. The how behind this is still unknown.”
If you want to take measures, just in case, from the firm explain that a good idea is to disable the Google Play store on Android services, later perform an analysis with an antivirus and, if we detect its presence, clean it completely. In this way, we could prevent it from being reinstalled again and again … or not.