Over the past six months, the xHelper Android malware strain has made a name for itself after popping up on the radar of several antivirus companies, and annoying users thanks to a self-reinstall mechanism that has made it near impossible to remove.
First spotted back in March but slowly expanded to infect more than 32,000 devices by August, eventually reaching a total of 45,000 infections this month. The malware is on a clear upward trajectory. Symantec says the xHelper crew is making on average 131 new victims per day and around 2,400 new victims per month.
As with a lot of mobile malware, xHelper comes from an app downloaded outside of the official app store. Unless you absolutely trust the developer, Android users should stick with apps on the Play Store, which have been vetted by Google. That\’s not to say the Play Store is perfect—there are plenty of bad apps there, too—but it certainly lowers the odds of downloading a malicious app. Even if you recognise the app, a third-party APK could be out of date or modified to contain malware or some other exploit.