Featured Post

Avira Antivirus Pro - Review 2020 - PCMag India

Image
Avira Antivirus Pro - Review 2020 - PCMag IndiaAvira Antivirus Pro - Review 2020 - PCMag IndiaPosted: 11 Jun 2020 12:00 AM PDTEvery computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

Android ALERT: A ‘new era in mobile malware’ could have just infected your phone - Express

Android ALERT: A ‘new era in mobile malware’ could have just infected your phone - Express


Android ALERT: A ‘new era in mobile malware’ could have just infected your phone - Express

Posted: 19 Feb 2020 12:00 AM PST

Android smartphone owners must be getting pretty used to the daily warnings about malware-filled apps and device-infecting adware. Threats continue to arrive thick and fast but the latest alert could be one the most concerning to date.

A new report from the team at Malwarebytes has uncovered a new attack which is able to reinfect a phone even after everything is deleted and a full factory reset has been performed.

The bug is so bad that mobile researcher, Nathan Collier, said: "This is by far the nastiest infection I have encountered."

This shock Android Trojan is called xHelper and was actually discovered last year with it aimed at infecting Google-powered devices with malware.

However, it now seems this attack is far more serious than first thought with one Android user getting in touch with Malwarebytes to report the bug kept returning despite her performing full factory resets.

Speaking on a forum page the owner said: "I have a phone that is infected with the xhelper virus. This tenacious pain just keeps coming back.

"I'm fairly technically inclined so I'm comfortable with common prompt or anything else I may need to do to make this thing go away so the phone is actually usable!"

After digging into the settings and routing through endless folders on her phone, Malwarebytes discovered a hidden package that is able to re-install itself each time a device is reset.

READ MORE:

Google Android warning

Google Android warning - new threat discovered and here's what all users need to do (Image: GETTY)

More concerning is the discovery that something within Google Play was actually triggering the re-infection.

Malwarebytes is keen to point out that Google Play is not actually infected with malware. However, something within it is somehow triggering the re-infection,

Furthermore, that something could also be using Google PLAY as a smokescreen, falsifying it as the source of malware installation when in reality, it was coming from someplace else.

"It's important to realise that unlike apps, directories and files remain on the Android mobile device even after a factory reset. Therefore, until the directories and files are removed, the device will keep getting infected," said Malwarebytes' Nathan Collier.

If you are experiencing re-infections of xHelper, here's how to remove it:

• Install a file manager from the Google Play Store that has the capability to search files and directories

• Disable the Google Play Store temporarily to stop re-infection

• Go to Settings > Apps > Google Play Store

• Press Disable button

• Run a scan in Malwarebytes for Android to remove xHelper and other malware

• Manually uninstalling can be difficult, but the names to look for in Apps info are fireway, xhelper, and Settings (only if two settings apps are displayed)

• Open the file manager and search for anything in storage starting with com.mufc

• If found, make a note of the last modified date

Speaking about the new threat Collier added: "This, however, marks a new era in mobile malware. The ability to re-infect using a hidden directory containing an APK that can evade detection is both scary and frustrating.

"We will continue analysing this malware behind the scenes. In the meantime, we hope this at least ends the chapter of this particular variant of xHelper."

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US