
Xerxes Malware

Posted: July 21, 2020

The Xerxes Malware used to be a privately developed Trojan for the Android operating system. However, it became much more accessible to cybercriminals in May 2019 when its source code was released online – it is not clear whether this was an accident, or if the authors published their malware's source code intentionally. Regardless of the reason, Xerxes quickly became a favorite of many cybercriminals who were looking to experiment with Android-compatible cyber threats.

When the Xerxes Malware was first reported, malware experts determined that it shared a lot of features with LokiBot, another Android Banking Trojan that was released a few years ago. However, the author of the Xerxes Malware had successfully extended the implant's feature set, and the threat was able to do more than just collect banking credentials – the Xerxes Malware can also encrypt the files stored on the Android device and then extort the victims for money by offering to provide them with a decryption utility. Android Trojans with ransomware modules are not a frequent occurrence, and the Xerxes Malware is one of the few to support this threatening feature.

Unfortunately, recovering the files locked by the Xerxes Malware may be next to impossible, and often the only reliable way to accomplish this task is to restore the files from a backup. When the Xerxes Malware manages to plant itself on a vulnerable Android device, it may adopt a name typical of popular Google services, making it more difficult to identify the corrupted application and process. The threat may be spread via fake downloads, phishing text messages or emails, and fake applications hosted on shady websites.

Apart from being very threatening on its own, the Xerxes Malware has also enabled other cybercriminals to develop new malware based on the project's source code – the latest Android Trojan to make use of Xerxes' source code is the BlackRock malware, which first appeared in July 2020. The good news is that regardless of how advanced Android Trojans may be, there is one guaranteed way to stop them – invest in a reputable Android anti-virus application that will scan incoming files for harmful traits and terminate them if it detects any unsafe behavior.
