The helper malware has been a major headache for Android users worldwide. The first case was reported in March 2019. Complaints came in from various places about an app that could not be removed. The main problem was that it survived even a factory reset and kept producing annoying pop-ups and spam notifications.
How It Evolved
Last year the malware spread widely and reached more users. Within a period of 6-7 months, the number of infected devices increased to 45000. According to reports from researchers, the main cause of infection was unwanted web redirects. These redirects led users to pages that hosted Android apps. Users who followed the instructions on those sites downloaded unofficial Android apps that are not available in the Play Store. Malicious code hidden in those apps then downloaded the helper Trojan.
Finding the source of the malware was easy. What troubled researchers was getting rid of it. Uninstalling the original helper app and performing a factory reset did not stop the malware from coming back: a few hours after the reset, it would pop up again. The app eventually reinstalls itself without the user's consent or interaction.
How to Remove It
The only way found to get rid of the malware was a full device reflash, which involves reinstalling the Android operating system. This solution was not feasible for many users, who lacked the knowledge and the access to Android OS firmware and files.
The steps below can be performed by the user to remove the malware infection from their phone.
- Get a file manager so you can search for files and directories on your phone.
- Temporarily disable Google Play to prevent re-infection.
- Scan your device with a malware scanner and find the app that hides the helper malware.
- In the file manager, look for files whose names start with "com.mufc." and sort the files found by modified date.
- Delete the files found that start with "com.mufc." If any other files have the same date, delete those from the device as well.
Once all the infected files are deleted, go to Google Play and re-enable it.
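The file search in the last two list steps can also be run from a computer against a copy of the phone's storage. The Python sketch below is an added example, not part of the original article: the function names, the constructed sample tree and the idea of scanning a copied directory are assumptions, and the script only lists candidates for review and deletes nothing.

```python
import os
import tempfile
from datetime import date

PREFIX = "com.mufc."  # name prefix given in the steps above


def scan(root):
    """Read-only: return (matches sorted by mtime, other same-day paths)."""
    matches, others = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in list(dirnames) + filenames:
            path = os.path.join(dirpath, name)
            try:
                mtime = os.lstat(path).st_mtime
            except OSError:
                continue  # unreadable entry, skip it
            if name.startswith(PREFIX):
                matches.append((mtime, path))
                if name in dirnames:
                    dirnames.remove(name)  # do not descend into a match
            else:
                others.append((mtime, path))
    days = {date.fromtimestamp(m) for m, _ in matches}
    same_day = sorted(p for m, p in others if date.fromtimestamp(m) in days)
    return sorted(matches), same_day


def build_sample(root):
    """Constructed sample tree with fixed mtimes (not real device data)."""
    t0, day = 1_570_000_000, 86_400
    sample = {"com.mufc.aaa/x.jar": t0, "Download/com.mufc.bbb": t0 + 3 * day,
              "Download/dropper.apk": t0, "Download/photo.jpg": t0 - 30 * day,
              "com.mufc.aaa": t0, "Download": t0 - 30 * day}  # dirs last
    for rel, mtime in sample.items():
        path = os.path.join(root, rel)
        if not os.path.isdir(path):
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        found, review = scan(tmp)
        for mtime, path in found:
            print(date.fromtimestamp(mtime), path)
        print("modified the same day, review manually:", review)
```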