Android is the target of an ultra dangerous malware called Xiny, reveal the researchers of Dr Web. In operation since 2015, this trojan is almost impossible to delete from infected smartphones.
In 2016, Dr Web’s cybersecurity experts spotted a malware dubbed Android.Xiny.5260 in tens of millions of Android devices. Despite their efforts, the researchers failed to remove all traces of the malware.
Half a billion Android smartphones are vulnerable
Four years later, experts believe the malware is still active. Xiny exclusively targets smartphones running Android 5.1 or earlier. Phones that have installed a newer version of Android should, therefore, fear nothing. If you bought your smartphone recently, you are safe. Nevertheless, 25% of Android smartphones in circulation remain vulnerable, i.e. half a billion devices, underlines Dr Web. That’s a huge number.
Gizchina News of the week
According to the researchers, the Trojan horse is hidden in apparently harmless applications, available on the Google Play Store or on third-party platforms. Once present on the victims’ phones, Xiny remotely downloads dozens of unwanted applications. The hackers behind Xiny quickly recover significant revenues from developers anxious to artificially inflate their user numbers. This process will also significantly slow down the performance of the device.
So far, the operation of Xiny has been nothing unusual. However, unlike less sophisticated malware, this one remains on the device even if the user decides to delete it. In case of deletion, the APK files intended for the installation of Xiny remain hidden in the memory of the smartphone without the knowledge of its victims.
To get rid of Xiny, there is only one solution: flash a system ROM on your phone. This operation will reset your smartphone. So don’t forget to make a backup of it before taking action. Have you ever encountered a malware of this kind? We await your testimony, let us know in the comment box below.
I had this problem 4 years back on Panasonic Eluga A2 mobile.
The Wifi and mobile data automatically gets turn ON and third party apps gets install.
1. I tried to turn of the mobile data and Wifi but still it was getting turned ON.
2. I tried doing complete RESET but still the same problem.
3. I download the System ROM from Panasonic website and installed it but till the same.
4. I took the phone to local store and even they perfomed complete RESET but it did not work and they wanted me to pay $35 to send the phone to the company to fix it.
5. I got into RAM management and disabled third party apps and then installed an anti-virus ( I dont remember the name of the anti-virus) from Play Store. The anti-virus removed all the suspicious apps and after that my phone was working good without any issues.
If you backup, flash, then restore won’t you restore the malware?
Yeah! So True!
That Sucks. Man I’m on android 4. I’m in trouble..
🙁
You can’t say it’s impossible to remove and then proceed to give an option to remove on the same article…
This is clickbait.
If Google was in control over Android security updates then then Android would be far more secure than it is already and would go some way to toward the fragmentation issue that has plagued Android from day one.
MIUI is the answer….
I already have malware ads that interrupt not only Internet but telephone on my Android phone. No one can get rid of them. I am going to switch to Apple and see if it can keep them out! Playstore recently has crumbled and caved to advertisers’ greed.
Has anyone ever heard of formatting Android? Just like formatting a PC you can format an Android and get rid of the virus. There is no virus that is not removed.
Flashing a fresh Rom will work but surely retrieving your back up from the cloud will put you right back where you started ?
I still have a chinese-built phone with the same problems I stopped using it as soon as it turns on Wi-Fi comes on and it starts downloading stuff and installing it, I believe it is still sitting in one of my drawers
I do freelance malware/trojan removal and one of my clients had a bad mass infection containing all sorts of malicious software. This was PC though, regardless the implantation of ghost files and install.cores are a pain. I had to keep task manager open and continuously force stop the process running to be able to delete the ghost files. If I didn’t time it correctly, and delete said ghost files while the process was still running in task manager, it would just reinstall and spread even more.. Making the job extremely frustrating. No malware/virus scanner had the malware in it’s database at the time so it had to be done manually. What a headache.. definite learning experience though..