A new malware strain, namely “xHelper” has been identified by Malwarebytes, which has affected over 45,000 Android Devices.
This android xHelper malware has a method to disguise itself and evade any kind of antivirus. This malware is pushed when a user installs an app from a third-party website.
After the installation, the trojan works by displaying popups and notifications. This malware does not conduct any malicious activity that could lead to the loss of your personal data.
It just encourages users todo tasks and download apps.
The malware uses encryption to obscure itself and not get removed when a factory reset occurs.
The trojan comes in two variants- semi-stealth and full-stealth. Neither of these show app icons and full-stealth does not even show notifications which we can see in semi-stealth.
This trojan has been made to start automatically when certain actions like device boot up, network connection are evoked. Once it starts operating as the foreground service.
So, we suggest the users sideload and download apps from third party sources.