xHelper "삭제가 불가능"트로이 목마는 감염된 45,000 안드로이드 기기

xHelper 트로이 목마, 안드로이드 장치 용으로 만들어, 먼저 올해 봄에 전문가에 의해 발견되었다, 그러나 문제의 첫 번째 세부 보고서는 8 월에 등장, when Malwarebytes experts 보고 that the malware had already infected 35,000 장치.

에스ymantec experts 출판 a review on the malware and claim that the number of infected devices has already exceeded 45,000, and on average xHelper infects 131 new victims per day (약 2,400 new victims per month), most of which were found in India, the USA and Russia.

“The main source of infections are redirects and suspicious sites that forward users to pages with Android applications. Such sites instruct the user in detail how to download applications not from Google Play, and the code hidden in the applications ultimately leads to the loading of xHelper”, – say researchers.

xHelper is currently displaying intrusive pop-up ads and spam alerts to its victims. 일반적으로, such ads and notifications lead users to the Play Store, where they are invited to install other applications. XHelper operators earn commissions that they receive for each such installation. Neverthelss, the malware has other, much more dangerous functions.

Both companies write that xHelper can download and install other applications. And malware operators can use this feature to deploy second-level threats, including ransomware, bank trojans, 등등.

“However, the most interesting feature of xHelper is that it does not work like most Android malware When the trojan gains access to the device through the initial application, xHelper installs itself as a separate standalone service. 최종적으로, removing the original application does not remove xHelper, and the malware will continue to display ad windows and notifications”, — warn the researchers.

보다 나쁜, even if the victim finds the xHelper service in the OS settings, deleting it will not help the case, as the trojan is reinstalled every time, even if the user resets the device to the factory settings.

일부 경우에, users complained that even uninstalling the xHelper service and disabling the ability to install applications from unknown sources did not help: the device appeared to be re-infected literally a few minutes after cleaning, and the option “install apps from unknown sources” turned out to be active again. Such discussions can be found on Reddit, among the topics on the Google Play Help.

또한 읽기: Casbaneiro 뱅킹 트로이 목마는 암호 화폐를 훔치기 위해 유튜브를 사용

동시에, experts from Malwarebytes and Symantec were not able to understand how xHelper “survives” after this. There was no Trojan interference in the operation of system applications and services, and Symantec believes that xHelper is unlikely to be preinstalled on devices out of the box, although the malware actually appears more often on devices of specific brands. Despite these facts, many users believe that this is the case and urge others not to buy cheap Chinese phones.

트로이 킬러 소개

메모리 스틱에 트로이 킬러 휴대용 운반. 당신은 당신이 어디를 가든 당신의 PC가 어떤 사이버 위협에 저항 도울 수 있는지 확인하십시오.

또한 확인

Dacls RAT (액세스 트로이 제거)

Dacls RAT를 제거하는 방법 (액세스 트로이 제거)?

Dacls RAT, Dacls Remote Access Trojan이라고도 함, 대상으로하는 악성 소프트웨어입니다 …

DirectXRunnable.exe를 쉽게 제거하는 방법

새로운, 매우 안전하지 않은 cryptocurrency 광부 감염은 실제로 보호 과학자들에 의해 발견되었습니다.. 그만큼 …

회신을 남겨주