Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
The secret behind “unkillable” Android backdoor called xHelper has been revealed
#1
Quote: The precise cause of the reinfections stumped researchers for months.

In February, a researcher detailed a widely circulating Android backdoor that’s so pernicious that it survives factory resets, a trait that makes the malware impossible to remove without taking unusual measures.

The analysis found that the unusual persistence was the result of rogue folders containing a trojan installer, neither of which was removed by a reset. 
The trojan dropper would then reinstall the backdoor in the event of a reset. Despite those insights, the researcher still didn’t know precisely how that happened. 

Now, a different researcher has filled in the missing pieces. More about that later. First, a brief summary of xHelper.

A backdoor with superuser rights 



Continue reading here:
https://arstechnica.com/information-technology/2020/04/solved-how-android-backdoor-called-xhelper-survives-factory-resets/
Reply
#2
(04-18-2020 , 03:43 PM)sidemoon Wrote:
Quote: The precise cause of the reinfections stumped researchers for months.

In February, a researcher detailed a widely circulating Android backdoor that’s so pernicious that it survives factory resets, a trait that makes the malware impossible to remove without taking unusual measures.

The analysis found that the unusual persistence was the result of rogue folders containing a trojan installer, neither of which was removed by a reset. 
The trojan dropper would then reinstall the backdoor in the event of a reset. Despite those insights, the researcher still didn’t know precisely how that happened. 

Now, a different researcher has filled in the missing pieces. More about that later. First, a brief summary of xHelper.

A backdoor with superuser rights 



Continue reading here:
https://arstechnica.com/information-technology/2020/04/solved-how-android-backdoor-called-xhelper-survives-factory-resets/

Guys, be careful what apps do you install on your devices and always use a powerful AV even for phones. Nowadays the dangers are watching around the corner. And of course avoid free apps. For free apps you are the payment. 
Eek
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  There's a new scam called 'smishing' that's incredibly sophisticated mrtrout 0 329 05-15-2024 , 10:41 AM
Last Post: mrtrout
  New SideWalk Backdoor Targeting U.S. Computer Retailers mrtrout 0 1,439 08-27-2021 , 01:22 AM
Last Post: mrtrout
  Audacity 3.0 called spyware over data collection changes by new owner mrtrout 0 1,210 07-06-2021 , 12:30 AM
Last Post: mrtrout
  Researchers Warn of Facefish Backdoor Spreading Linux Rootkits mrtrout 0 870 05-28-2021 , 10:58 PM
Last Post: mrtrout
  Bizarro Banking Trojan Sports Sophisticated Backdoor Bjyda 0 854 05-23-2021 , 09:22 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)