New Necro Trojan Variant Targets Android Users via Google Play Apps

25 Sep 2024

Emerging Threat: The Necro Trojan Targets Android Users

In a concerning development for Android users, security researchers at Kaspersky have unveiled a new variant of the Necro trojan, which is infiltrating devices through both legitimate Google Play applications and altered APKs found on unofficial websites. This sophisticated malware poses a significant risk, with capabilities that include stealing sensitive information, installing additional malicious software, and executing commands remotely on compromised devices.

Kaspersky’s investigation led to the identification of two infected applications on the Google Play Store:

  • Wuta Camera: Over 10 million downloads.
  • Max Browser: Over 1 million downloads.

Following Kaspersky’s alert, Google promptly removed these applications from its platform to safeguard users.

Moreover, the researchers found the Necro trojan hidden within unofficial “modded” versions of popular applications such as Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox. These modified APKs, often marketed as offering premium features at no cost, are prevalent on third-party sites and represent a substantial threat to unsuspecting users.

Understanding the Necro Trojan’s Capabilities

The distribution methods employed by the attackers are varied and cunning. For instance, in the Spotify mod, an embedded SDK was used to present advertising modules. If a user interacted with a particular image-based module, the trojan payload would be activated from a command-and-control (C&C) server. Similarly, the WhatsApp mod utilized Google’s Firebase Remote Config cloud service as a C&C server, deploying the trojan upon user engagement with a designated module.

Once the Necro trojan has infiltrated a device, it can execute a multitude of harmful actions, including:

  • Downloading and installing additional malicious files and applications.
  • Opening invisible browser windows to run harmful JavaScript code.
  • Subscribing users to costly paid services without their consent.
  • Stealing sensitive data, including login credentials and financial information.

Guidance for Users

While the infected apps on Google Play have been removed, the threat from modded APKs continues to loom large. Kaspersky offers the following recommendations to help users protect themselves:

  1. Avoid downloading applications from untrusted third-party sources.
  2. Only install apps from official app stores like Google Play.
  3. Exercise caution with apps that claim to provide premium features for free.
  4. Consider installing a reputable mobile antivirus solution to enhance security.

Update: 25 Sep 2024

Top charts for Mobile Android

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
7508488
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1734961
downloads
WinRAR

WinRAR

Streamline file management with fast compression, secure your documents, and save space.

5
735 reviews
746646
downloads
Minecraft

Minecraft

Shape environments, explore vast worlds, and survive against monsters with endless creativity.

5
750 reviews
495044
downloads

News and reviews for Mobile Android

Top Coin Apps Enhance Coin Valuation and Identification

Top Coin Apps Enhance Coin Valuation and Identification

Coin apps improve currency valuation and identification, aiding collectors and investors in the U.S. as of 2026. Key apps include CoinKnow and PCGS CoinFacts.

Read more
Optimize Android Apps Beyond Frontend with Backend Focus

Optimize Android Apps Beyond Frontend with Backend Focus

Android apps need robust architecture and backend integration for high performance. Developers should focus beyond the UI to address backend challenges.

Read more
Explore Alternatives as Android Auto Exits Vehicles

Explore Alternatives as Android Auto Exits Vehicles

Automakers shift from Android Auto, prompting tech users to adapt with alternatives.

Read more
WeChat Faces Potential U.S. Ban Amid Security Concerns

WeChat Faces Potential U.S. Ban Amid Security Concerns

WeChat, a Tencent-owned app, may face a U.S. ban due to alleged ties with Chinese criminal networks, impacting national security.

Read more
Discounted Android App Deals for Gamers and Users

Discounted Android App Deals for Gamers and Users

Discover top Android app deals available now, featuring discounted games for 2026-01-27.

Read more
iA Writer Boosts Focus for Writing-First Users

iA Writer Boosts Focus for Writing-First Users

iA Writer helps reclaim focus for writers with distraction-free design. Notion users may prefer its simplicity for dedicated writing tasks.

Read more
Android Deals: Price Drops on Top Apps and Games

Android Deals: Price Drops on Top Apps and Games

Check out the latest Android deals featuring popular games like D&D Lords of Waterdeep and Beastie Bay DX.

Read more
Today's Top App Deals: Lords of Waterdeep & More

Today's Top App Deals: Lords of Waterdeep & More

Discover the latest app deals on Android with price drops for top games including Lords of Waterdeep and Legends of Heropolis.

Read more
Warframe Expands to Android with Cross Play, Save Features

Warframe Expands to Android with Cross Play, Save Features

Warframe launches on Android 2025-02-18, offering Cross Play and Save. Players gain rewards for early participation.

Read more
Waze Enhances Features for Android Auto Users

Waze Enhances Features for Android Auto Users

Waze adds improved navigation and alerts on Android Auto. Users in the US, Canada, Mexico, and France will see changes soon.

Read more
All article