New ‘unremovable’ xHelper malware on Android devices

Named xHelper, this malware was first spotted back in March but slowly expanded to infect more than 32,000 devices by August (per Malwarebytes), eventually reaching a total of 45,000 infections this month (per Symantec).
The source of these infections is “web redirects” that send users to web pages hosting Android apps. These sites instruct users on how to side-load unofficial Android apps from outside the Play Store. Code hidden in these apps downloads the xHelper trojan. The trojan has shown intrusive popup ads and notification spam. The ads and notifications redirect users to the Play Store, where victims are asked to install other apps — a means through which the xHelper gang is making money from pay-per-install commissions.
Furthermore, even if users spot the xHelper service in the Android operating system’s Apps section, removing it doesn’t work, as the trojan reinstalls itself every time, even after users perform a factory reset of the entire device.
How xHelper survives factory resets is still a mystery

Google Android Malware Warning

Adware is a type of malware that hides on your device so it can serve you unwanted adverts, including scam ads. On top of this, adware-containing apps can drain battery resources, increase network traffic and gather your personal information. Here are the 21 apps affected by the adware. It goes without saying that if you have any of these installed, you should delete them now. They have been removed from the Google Play Store.

Global Cyberattacks and how to protect against them

Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors


Original release date: October 29, 2019
Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely tracks malicious activity originating from the Russian advanced persistent threat (APT) group 28, also known as Fancy Bear, STRONTIUM, Swallowtail, Sofacy, Sednit, and Zebrocy. According to Microsoft, APT28 is targeting sporting and anti-doping organizations using spearphishing, password spraying (a brute force technique), fake Microsoft internet domains, as well as open-source and custom malware to exploit internet-connected devices.

To protect against similar attacks, Microsoft recommends:
• Enabling two-factor authentication on all business and personal email accounts,
• Learning how to spot phishing schemes and protect yourself from them, and
• Enabling security alerts about links and files from suspicious websites.