This is what is happening at present with a virus that appeared a few years ago, more specifically in 2015, called as Android.xiny. This virus is a trojan which has been updated and returns in 2020 with updated capabilities that allow access the reason of your mobile through superuser permissions, and is able to remove preinstalled applications in our system if necessary to have enough storage space to be able to stay and act without interference of any kind.
This malware can get root permissions on our phone and take advantage of them to access the reason, replacing the system files / system / bin / debuggerd and / system / bin / ddexe, and awaits instructions from a command and control server, so this updated version of the trojan has a devastating potential when collecting information and especially because it is able to access, edit and delete any file from our smartphone at will.
Attention users of old versions of Android
After a analysis made by Dr. Web, it has been found that Android.xiny is primarily aimed at systems Android with a version 5.1 or lower, so it affects especially these older versions that are much most vulnerable by not receiving any update or security patch due to its obsolescence.
This may seem like a lesser evil because these versions of Android are already far behind, however, Google revealed data last year that reported that 1 in 4 users of Android was in his version 5 or previous. This means that 25% of devices worldwide are potentially vulnerable to this virus, so you must take action and take precautions.
How to remove this type of Malware
The objective of this type of virus is usually generate income through payment reference platforms that offer money in exchange for installing different applications on your phone. The problem with this is that older devices generally have a obsolete software, outdated and not very powerful hardware and especially a reduced storage space, so this virus can quickly collapse the system leaving him unusable for the user.
The virus also has the ability to delete applications with rights to Super user, but not only that, but it is capable of rewrite the code to avoid that we can reinstall them and in this way fight it. This makes it very difficult to remove this type of malicious software from our device.
The solution more successful and simple will be to make a backup copy of the device and reinstall operating system completely, either through a ROM official or a precooked one of another developer, who probably offers us updated support for our device and we can take a few more months of use.