Legitimate apps on the Google Play Store have been exploited to distribute a new form of Necro Android malware. Reuters
A new version of Android malware, known as Necro, is taking advantage of legitimate applications on the Google Play Store to infect millions of devices. This malware can covertly download adware that enrolls users in subscriptions without their consent and can also use infected devices to channel malicious traffic. According to a recent report, the malware has reportedly affected around 11 million devices.
The malware was first identified by cybersecurity researchers at Kaspersky, who found that it exploits advertising development kits used by popular apps. Notably, well-known applications such as Spotify, WhatsApp, and Minecraft have been compromised. This means that users downloading these seemingly harmless apps may unknowingly be putting their devices at risk.
What makes this version of Necro particularly sneaky is its ability to hide its malicious actions. Once installed on a device, it downloads a payload disguised as harmless PNG images. These images may look innocent, but they serve a harmful purpose once they are executed.
While the malware spreads through the Play Store, it is also found in modified versions of popular apps offered on unofficial websites. These modified apps often promise free subscriptions or enhanced user experiences. For example, some WhatsApp mods claim to provide better privacy features and expanded file-sharing capabilities. Similarly, there are Spotify mods that advertise free access to ad-free premium services, luring users in with attractive promises.
Additionally, the malware has been discovered in mods for various popular online games, including Minecraft, Stumble Guys, Car Parking, and Melon Sandbox. The challenge is that these unofficial Android app stores do not track download numbers, making it difficult to determine the true scale of the infection. Users who download apps from these unregulated sources may expose themselves to additional risks without even realizing it.
This situation raises concerns about the security of mobile devices and the importance of downloading applications only from trusted sources. While Google Play has security measures in place, malware can still find its way into legitimate apps, especially when they are used in conjunction with advertising development kits.
Users are advised to remain vigilant and avoid downloading apps that promise unrealistic benefits, especially from unknown sources. Installing security software on mobile devices can also help in detecting and preventing such threats. Awareness of these types of malware can go a long way in protecting personal information and ensuring a safe mobile experience.
In summary, the Necro malware poses a significant risk by using legitimate apps on the Google Play Store to infect millions of devices. By downloading seemingly innocent applications, users may inadvertently expose themselves to adware and other malicious activities. Staying informed and cautious can help individuals safeguard their devices against these threats.
