New Necro Trojan Variant Targets Android Users via Google Play Apps

25 Sep 2024

Emerging Threat: The Necro Trojan Targets Android Users

In a concerning development for Android users, security researchers at Kaspersky have unveiled a new variant of the Necro trojan, which is infiltrating devices through both legitimate Google Play applications and altered APKs found on unofficial websites. This sophisticated malware poses a significant risk, with capabilities that include stealing sensitive information, installing additional malicious software, and executing commands remotely on compromised devices.

Kaspersky’s investigation led to the identification of two infected applications on the Google Play Store:

  • Wuta Camera: Over 10 million downloads.
  • Max Browser: Over 1 million downloads.

Following Kaspersky’s alert, Google promptly removed these applications from its platform to safeguard users.

Moreover, the researchers found the Necro trojan hidden within unofficial “modded” versions of popular applications such as Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox. These modified APKs, often marketed as offering premium features at no cost, are prevalent on third-party sites and represent a substantial threat to unsuspecting users.

Understanding the Necro Trojan’s Capabilities

The distribution methods employed by the attackers are varied and cunning. For instance, in the Spotify mod, an embedded SDK was used to present advertising modules. If a user interacted with a particular image-based module, the trojan payload would be activated from a command-and-control (C&C) server. Similarly, the WhatsApp mod utilized Google’s Firebase Remote Config cloud service as a C&C server, deploying the trojan upon user engagement with a designated module.

Once the Necro trojan has infiltrated a device, it can execute a multitude of harmful actions, including:

  • Downloading and installing additional malicious files and applications.
  • Opening invisible browser windows to run harmful JavaScript code.
  • Subscribing users to costly paid services without their consent.
  • Stealing sensitive data, including login credentials and financial information.

Guidance for Users

While the infected apps on Google Play have been removed, the threat from modded APKs continues to loom large. Kaspersky offers the following recommendations to help users protect themselves:

  1. Avoid downloading applications from untrusted third-party sources.
  2. Only install apps from official app stores like Google Play.
  3. Exercise caution with apps that claim to provide premium features for free.
  4. Consider installing a reputable mobile antivirus solution to enhance security.

Update: 25 Sep 2024

Top charts for Mobile Android

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
6870994
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1483716
downloads
WinRAR

WinRAR

Latest update WinRAR download for free for Windows PC or Android mobile

5
735 reviews
616692
downloads
Minecraft

Minecraft

Latest update Minecraft download for free for Windows PC or Android mobile

5
750 reviews
470809
downloads

News and reviews for Mobile Android

Explore Top Android Games for Weekend Fun: 2026 Edition

Explore Top Android Games for Weekend Fun: 2026 Edition

Android games provide quick entertainment in various genres, ideal for short breaks. Discover popular titles for weekend fun in 2026.

Read more
OpenAI Develops Sora Android App in 28 Days Using Codex

OpenAI Develops Sora Android App in 28 Days Using Codex

OpenAI used Codex to develop the Sora Android app in 28 days, achieving rapid app deployment and a top spot on Google Play.

Read more
TickTick Enhances Mobile Productivity with Versatile Features

TickTick Enhances Mobile Productivity with Versatile Features

TickTick offers an intuitive productivity app for Android, combining task management, habit tracking, and customizable tools for streamlined workflows.

Read more
Google Removes System App Update Rollback on Play Store

Google Removes System App Update Rollback on Play Store

Google has removed the Play Store option to uninstall updates for system apps like Android System WebView. Change affects various system app types.

Read more
Fortnite Returns to Android via Google Play Store in US

Fortnite Returns to Android via Google Play Store in US

Fortnite, by Epic Games, now available on Google Play Store in the US. Streamlines downloads and updates for Android users.

Read more
OpenAI Builds Sora Android App in 28 Days with Codex

OpenAI Builds Sora Android App in 28 Days with Codex

OpenAI's team used Codex to create the Sora Android app in 28 days, enhancing development speed and efficiency.

Read more
Fortnite Returns to Android via Google Play Store

Fortnite Returns to Android via Google Play Store

Fortnite resumes Android presence on Google Play Store in the US amid Epic's legal settlement.

Read more
Fortnite Returns to Google Play Store in the U.S.

Fortnite Returns to Google Play Store in the U.S.

Epic Games' Fortnite is back on Google Play Store for U.S. users after a court order, changing app availability rules.

Read more
Google Translate Enhancements Boost Language Accuracy

Google Translate Enhancements Boost Language Accuracy

Google Translate updates refine accuracy in the U.S. and India from 2023-12-12, enhancing language support and learning tools.

Read more
Android App Discounts Highlight December Deals

Android App Discounts Highlight December Deals

Google Play offers Android discounts on games like Dead Cells and apps such as icon packs. Savings available through mid-December.

Read more
All article