New Necro Trojan Variant Targets Android Users via Google Play Apps

25 Sep 2024

Emerging Threat: The Necro Trojan Targets Android Users

In a concerning development for Android users, security researchers at Kaspersky have unveiled a new variant of the Necro trojan, which is infiltrating devices through both legitimate Google Play applications and altered APKs found on unofficial websites. This sophisticated malware poses a significant risk, with capabilities that include stealing sensitive information, installing additional malicious software, and executing commands remotely on compromised devices.

Kaspersky’s investigation led to the identification of two infected applications on the Google Play Store:

  • Wuta Camera: Over 10 million downloads.
  • Max Browser: Over 1 million downloads.

Following Kaspersky’s alert, Google promptly removed these applications from its platform to safeguard users.

Moreover, the researchers found the Necro trojan hidden within unofficial “modded” versions of popular applications such as Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox. These modified APKs, often marketed as offering premium features at no cost, are prevalent on third-party sites and represent a substantial threat to unsuspecting users.

Understanding the Necro Trojan’s Capabilities

The distribution methods employed by the attackers are varied and cunning. For instance, in the Spotify mod, an embedded SDK was used to present advertising modules. If a user interacted with a particular image-based module, the trojan payload would be activated from a command-and-control (C&C) server. Similarly, the WhatsApp mod utilized Google’s Firebase Remote Config cloud service as a C&C server, deploying the trojan upon user engagement with a designated module.

Once the Necro trojan has infiltrated a device, it can execute a multitude of harmful actions, including:

  • Downloading and installing additional malicious files and applications.
  • Opening invisible browser windows to run harmful JavaScript code.
  • Subscribing users to costly paid services without their consent.
  • Stealing sensitive data, including login credentials and financial information.

Guidance for Users

While the infected apps on Google Play have been removed, the threat from modded APKs continues to loom large. Kaspersky offers the following recommendations to help users protect themselves:

  1. Avoid downloading applications from untrusted third-party sources.
  2. Only install apps from official app stores like Google Play.
  3. Exercise caution with apps that claim to provide premium features for free.
  4. Consider installing a reputable mobile antivirus solution to enhance security.

Update: 25 Sep 2024

Top charts for Mobile Android

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
6368758
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1263512
downloads
WinRAR

WinRAR

Latest update WinRAR download for free for Windows PC or Android mobile

5
735 reviews
494939
downloads
Minecraft

Minecraft

Latest update Minecraft download for free for Windows PC or Android mobile

5
750 reviews
453352
downloads

News and reviews for Mobile Android

Game 'Green Light' Coming to PC, iOS, and Android by 2026

Game 'Green Light' Coming to PC, iOS, and Android by 2026

Dream Adventure Game 'Green Light' announced for PC, iOS, Android, 2026. Experience yanaginagi's world. Launch expected with English, Japanese support.

Read more
Free Apps Now Available for Android and iOS Users

Free Apps Now Available for Android and iOS Users

Enjoy free premium apps on Android and iOS. Limited-time offer. Download now for lasting access.

Read more
AppHub Uninstalled from T-Mobile Devices for Improved Privacy

AppHub Uninstalled from T-Mobile Devices for Improved Privacy

T-Mobile removes AppHub from Android devices amid privacy concerns over silent app installations.

Read more
LibriVox Makes Audiobooks Free for Android Auto Users

LibriVox Makes Audiobooks Free for Android Auto Users

LibriVox offers over 18,000 free audiobooks for Android Auto users, enhancing long drives with public-domain classics and seamless in-car integration.

Read more
Unveil Huge Android App Discounts This Week

Unveil Huge Android App Discounts This Week

Discover significant app discounts on Android, including game and utility deals, available this week.

Read more
Latest Android Deals Include Trudograd Price Drop

Latest Android Deals Include Trudograd Price Drop

Android deals now offer discounts on apps like Trudograd and Boxville 2, enhancing affordability for tech enthusiasts.

Read more
Top Free Apps to Enhance Your New Android Experience

Top Free Apps to Enhance Your New Android Experience

Explore five free apps for Android that boost privacy, browsing, and productivity, offering solid performance with no cost.

Read more
Google Adds AI Summaries to Play Store Reviews

Google Adds AI Summaries to Play Store Reviews

Google introduces AI-generated review summaries on Play Store, aiding app selection by highlighting key pros and cons under user reviews.

Read more
FBI Urges Changes to Encryption in Messaging Apps

FBI Urges Changes to Encryption in Messaging Apps

FBI pushes for decryption in U.S. messaging apps to tackle crime. Impact on privacy debated.

Read more
SlopAds Ad-Fraud Uncovered in 224 Android Apps

SlopAds Ad-Fraud Uncovered in 224 Android Apps

SlopAds ad-fraud scheme impacts 224 Android apps on Google Play, affecting over 38 million downloads. Google removes apps; users should deploy Play Protect.

Read more
All article