New Necro Trojan Variant Targets Android Users via Google Play Apps

25 Sep 2024

Emerging Threat: The Necro Trojan Targets Android Users

In a concerning development for Android users, security researchers at Kaspersky have unveiled a new variant of the Necro trojan, which is infiltrating devices through both legitimate Google Play applications and altered APKs found on unofficial websites. This sophisticated malware poses a significant risk, with capabilities that include stealing sensitive information, installing additional malicious software, and executing commands remotely on compromised devices.

Kaspersky’s investigation led to the identification of two infected applications on the Google Play Store:

  • Wuta Camera: Over 10 million downloads.
  • Max Browser: Over 1 million downloads.

Following Kaspersky’s alert, Google promptly removed these applications from its platform to safeguard users.

Moreover, the researchers found the Necro trojan hidden within unofficial “modded” versions of popular applications such as Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox. These modified APKs, often marketed as offering premium features at no cost, are prevalent on third-party sites and represent a substantial threat to unsuspecting users.

Understanding the Necro Trojan’s Capabilities

The distribution methods employed by the attackers are varied and cunning. For instance, in the Spotify mod, an embedded SDK was used to present advertising modules. If a user interacted with a particular image-based module, the trojan payload would be activated from a command-and-control (C&C) server. Similarly, the WhatsApp mod utilized Google’s Firebase Remote Config cloud service as a C&C server, deploying the trojan upon user engagement with a designated module.

Once the Necro trojan has infiltrated a device, it can execute a multitude of harmful actions, including:

  • Downloading and installing additional malicious files and applications.
  • Opening invisible browser windows to run harmful JavaScript code.
  • Subscribing users to costly paid services without their consent.
  • Stealing sensitive data, including login credentials and financial information.

Guidance for Users

While the infected apps on Google Play have been removed, the threat from modded APKs continues to loom large. Kaspersky offers the following recommendations to help users protect themselves:

  1. Avoid downloading applications from untrusted third-party sources.
  2. Only install apps from official app stores like Google Play.
  3. Exercise caution with apps that claim to provide premium features for free.
  4. Consider installing a reputable mobile antivirus solution to enhance security.

Update: 25 Sep 2024

Top charts for Mobile Android

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
7396993
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1701844
downloads
WinRAR

WinRAR

Streamline file management with fast compression, secure your documents, and save space.

5
735 reviews
730746
downloads
Minecraft

Minecraft

Shape environments, explore vast worlds, and survive against monsters with endless creativity.

5
750 reviews
491633
downloads

News and reviews for Mobile Android

Microsoft Requires Latest Intune MAM Updates by 2026

Microsoft Requires Latest Intune MAM Updates by 2026

Microsoft mandates Intune MAM updates for iOS and Android by 2026 to enhance app security and functionality.

Read more
Top WhatsApp Alternatives for Android Users 2023

Top WhatsApp Alternatives for Android Users 2023

Discover seven WhatsApp alternatives for Android users, including Google Messages and Signal, offering varied features and privacy options.

Read more
Google Integrates 'Answer Now' in Gemini for Quick Responses

Google Integrates 'Answer Now' in Gemini for Quick Responses

Google introduces the Answer Now feature to Gemini users, enhancing speed by skipping in-depth processing.

Read more
Significant Price Drops on Android App Deals Announced

Significant Price Drops on Android App Deals Announced

Android users can now enjoy discounts on apps like Undergrave and Red Ronin, as announced on 2026-01-19.

Read more
Google Revamps Voice Search for Android Users

Google Revamps Voice Search for Android Users

Google updates Voice Search on Android, enhancing design and features. Expected user experience improvements.

Read more
New Android Deals Spotlight: Icon Packs and Games Discounted

New Android Deals Spotlight: Icon Packs and Games Discounted

Today's top Android deals highlight major discounts on games and icon packs, offering savings on popular titles like Undergrave and Red Ronin.

Read more
Google Refreshes Voice Search Design on Android

Google Refreshes Voice Search Design on Android

Google updates Voice Search on Android with a new design and features, enhancing user experience with language settings and a song search function.

Read more
Free Apps: Alternatives to Cut Subscription Costs

Free Apps: Alternatives to Cut Subscription Costs

Discover five free apps that can replace paid subscriptions, offering new features and cost savings.

Read more
Google Expanding Magic Cue with Google Wallet and Tasks

Google Expanding Magic Cue with Google Wallet and Tasks

Google's Magic Cue on Pixel 10 may soon integrate with Google Wallet and Tasks, enhancing real-time updates and task management.

Read more
How to Start a Secret Conversation in Messenger

How to Start a Secret Conversation in Messenger

Learn how to initiate a secret conversation on Messenger for end-to-end encryption.

Read more
All article