11 Million Android Devices Infected with Necro Malware Throughout Play Store
Overview of Necro Malware
A new variant of the Necro malware for Android, known for its nefarious capabilities, has recently compromised over 11 million devices. The infection primarily occurred through the Google Play Store and unofficial websites, where malicious software development kits (SDKs) were embedded in legitimate apps.
Distribution Methods
- Infection via modified popular apps (e.g., WhatsApp mods and Spotify variants).
- Utilization of SDKs such as Coral SDK for concealment of malicious activities.
- Adware hidden in invisible WebView windows leading to fraudulent activities.
Implications for Users
This malicious software can install various payloads that activate harmful plugins, leading to subscription fraud and the routing of malicious traffic. Kaspersky has reported two specific infected apps:
- Wuta Camera by 'Benqu': Over 10 million downloads.
- Max Browser by 'WA message recover-wamr': One million downloads before removal.
As technology evolves, malicious threats like Necro malware continue to pose risks. Google is currently investigating the reported apps to enhance user safety.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.