11 Million Android Devices Infected by Necro Malware in Google Play Attack

Recently, a serious problem affected Android devices. A new type of malware named “Necro” infected over 11 million devices. This malware spread through apps found on Google Play, the official app store for Android phones. The situation raises concerns about the safety of apps and user data. This article will explain how the Necro malware works, where it came from, and what users can do to protect themselves.

What is Necro Malware?

Necro is a kind of software that can cause harm to devices. It is known as a “Trojan” because it tricks users into downloading it. Trojans pretend to be useful apps. Once they are on a device, they can do many dangerous things without permission. The Necro malware can install other harmful software, display unwanted ads, and even steal information.

How Did Necro Get into Google Play?

The Necro malware entered Google Play through apps that looked safe. Two apps were identified: Wuta Camera and Max Browser. The Wuta Camera app is a photo editing tool with over 10 million downloads. The Max Browser app had around 1 million downloads. Both apps contained a harmful software development kit (SDK) known as “Coral SDK.” This SDK hid the dangerous parts of Necro, allowing it to infect users.

When Wuta Camera was updated to version 6.3.2.148, Necro was added. It stayed on the app until version 6.3.6.148, when Kaspersky, a security company, notified Google. The malware was removed in version 6.3.7.138. However, any infected devices may still have problems. Max Browser also carried Necro in its latest version. Users were advised to uninstall this browser immediately.

How Does Necro Work?

Once installed, the Necro malware can activate many harmful activities. It can show ads using invisible windows, and connection tools that allow attackers to control devices, and apps for fraudulent tasks. For example, the malware can help steal money from users by tricking them into subscribing to fake services without their knowledge.

Necro can also download and run harmful files on infected devices. This may include scripts that perform actions like graphically making unwanted changes. The malware can make the device a proxy to send bad traffic without the user knowing. This is a sneaky way for criminals to hide their activities.

Who is Affected by Necro Malware?

Many people may unknowingly have Necro malware on their devices. It has hit devices that downloaded the infected apps from Google Play. In addition, Necro also spread through modified versions of popular applications called “mods.” These modified apps can be found outside the official app store. Some popular examples include modded versions of WhatsApp and Spotify. These mods promise extra features but come with hidden dangers.

The total number of devices infected with the Necro malware is not clear. Kaspersky revealed at least 11 million infections from Google Play alone. Infections from modified apps are likely even higher. These numbers show how widespread the problem has become.

Google’s Response to the Infection

Google is aware of the situation surrounding the Necro malware. They confirmed that the infected apps were removed from Google Play before the report was released. Users of Google Play are protected by a built-in feature called Google Play Protect. This service scans apps for harmful activities and warns users.

According to Google, Play Protect is automatically turned on for Android devices. It can stop harmful apps, even those from unofficial sources. While it may help, users still need to be careful when downloading apps. Not all apps are safe, even if they appear on Google Play.

What Can Users Do to Protect Themselves?

Users should take steps to keep their devices safe from malware like Necro. Here are some important actions to consider:

1. Download Apps Carefully: Always download apps from trusted sources only. Stick to Google Play Store and be cautious with third-party sites.
2. Check App Permissions: Before installing an app, check the permissions it asks for. If an app requests too many unnecessary permissions, do not download it.
3. Read Reviews: Look at user feedback and ratings before downloading an app. High ratings often mean more users feel safe and satisfied.
4. Keep Software Updated: Ensure that the Android operating system and all apps are always up to date. Updates often include security fixes.
5. Use Antivirus Software: Consider installing a reputable antivirus app that can help identify and remove malware.
6. Uninstall Suspicious Apps: If an app seems to behave improperly or if you suspect malware, uninstall it immediately.
7. Monitor Device Activity: Keep an eye on your device’s behavior. If it is slow or shows unusual ads, investigate further.