moritz

Hi Nathan, I followed the instructions and it was successful, so far no re-infection. I hope it stays like this. Thanks for your help. Regards Moritz

It seems to be a pretty recent problem and the update servers of the manufacturer are propabably hacked. I will try the solution described in this blog tonight. https://borncity.com/win/2021/04/03/gigaset-gehackt-android-update-server-liefern-wohl-malware-aus/

It definitely wasn't delivered with malware, but the firmware is neverthless infected now. I just hope someone knows a way to identify the infected system apps similar to xHelper.

Hi, maybe you can help me with my malware problem on my Gigaset GS270 plus. So basically I have a malware that installs three seperate apps at once. Shortly after that Google Chrome Browser opens a commercial site for gaming apps. If I delete those three apps via settings or with Malwarebytes, they are reinstalled within a few hours. Factory reset brings no relieve since the apps are installed again shortly after, simliar to Xhelper but not quite. I can not find any APK files typical for Xhelper (com.mufc) as described in your blog. So I assume it's not XHelper. I hope someone in this forum can help me to find the underlying malware that re-infects my mobile phone and can help me with the steps to get there. The APKs for the three malware apps mentioned above: com.wagd.smarter com.wagd.xiaoan com.wagd.gem All three of them are detected as Android/Trojan.Downloader.Agent.WAGD by Malwarebytes. I already sent an Apps Report to the support staff, but maybe we can find a quick solution here. The ticket is 3423249. I unfortunately sent it twice (3423156). I hope this is not confusing. Thanks in advance for any help. Moritz