In October, we warned that a particularly malicious strain of Android malware called xHelper had already infected 45,000 phones and seemed nearly impossible to get rid of. Even a factory reset did not help.
Now, Kaspersky researchers have figured out how xHelper makes itself "unkillable" and how to kill it.
The xHelper Trojan "disguises itself as a popular cleaner or speed-up app" and acts like a matryoshka (Russian nesting doll), using a multi-step infection process, wrote Igor Golovin of Kaspersky in a blog post earlier this week.
The end result is infection by the Triada malware, which Kaspersky once called "organized crime on Android." This new version of Triada is embedded deep into the Android system partition, from where it can reinstall itself and other malware after a factory reset.
Also, at least three of the malicious apps involved in the xHelper/Triada infection process are "droppers" that are meant to install anything and everything on the phone, thus putting it at risk of all kinds of malware.
From there, Golovin writes, the only option is to completely reflash the phone's firmware.
However, Malwarebytes researchers have shown how to remove at least one variant of xHelper by using a file manager app and one of the best Android antivirus apps.
Both methods may be "pointless" in some cases because "the firmware of smartphones attacked by xHelper may come preinstalled with malware that downloads and installs programs (including xHelper) on its own," Golovin writes.
The good news is that xHelper seems to primarily affect cheap Chinese smartphones running Android 6 Marshmallow or Android 7 Nougat and getting their apps from sources other than the official Google Play store.
If you're using a flagship or mid-range Android phone, leaving your settings set to not accept apps from "unknown sources" and running one of Android's best antivirus apps, you're probably fine.