“How does some malware manage to survive a smartphone factory restore?”

(Answer requested by Lilly Vugheen)

Android smartphones keep a spare copy of the operating system on hand, stored in protected files. These files are what’s used to rebuild the system after a factory reset, or a root.

Rare but virulent Android “xHelper” malware can break into and alter the protected files. So, when you reset the phone, it rebuilds itself with hooks for malware already in place.

However, this is rare, and requires a narrow and unusual set of circumstances to pertain before it can happen; usually including the phone’s owner deliberately sideloading unverified third-party software — a known and easily-avoided infection vector.

More info:

Permalink: https://langa.com/?p=5091

[seperator]

COMMENT / QUESTION on THIS ITEM? See the Comment box at bottom of this page!

NEW QUESTION?
Ask here!

(Want free notification of new content? Click here!)

Comment? Question? Reply...?