A rare event, albeit not a positive one: For the first time in three years, a mobile trojan has been able to penetrate the top ten of most threatening malware at this moment. XHelper focuses specifically on Android users.
Last month’s Global Threat Index features Check Point Software Technologies’ relatively new mobile malware. XHelper was first noticed in March this year, and already managed to create enough of an impression to jump to the eighth position in the index in a few months time. This partly stems from the complex nature of the trojan (the source code has been modified several times, thus avoiding the use of antivirus scanners), so the mobile malware ends up high on the list.
Similar to Emotet
Last month, the Emotet botnet was still well ahead of Xhelper, but with a slightly reduced range. According to Check Point, XHelper and Emotet show striking similarities, including the possibility to be customised to serve a certain purpose. Check point emphasises that organisations do well to inform their staff about malware and ways to counter threats.
In the case of XHelper, the malware can be used to download other malicious software. It can also be used to display malicious advertisements. In addition, the application is able to reinstall itself in the case of removal by the user.
XHelper is in first place when it comes to threats on mobile devices, closely followed by the similar Guerrilla. This trojan is used to obtain fraudulent advertising revenue as well.