Technology

Dangerous new Android malware infects 11 million devices — here’s what we know

September 24, 2024

Cybersecurity researchers have revealed malware managed to sneak into the Google Play app store thanks to a compromised software development kit (SDK).

The malware, called Necro, ended up on at least 11 million devices, and quite possibly – a lot more, the team from Kaspersky noted. Necro infiltrated an advertising SDK named ‘Coral SDK’, which should have been used to integrate different advertising modules into an application. However, with steganography, the SDK deploys stage-two malware capable of a number of malicious activities, including loading ads through invisible WebView windows, downloading and running arbitrary JavaScript files, facilitating fraud, and rerouting malicious traffic.

Two seemingly legitimate applications picked up this SDK – a photo editing tool called Wuta Camera by ‘Benqu,’ and Max Browser by ‘WA message recover-wamr.’ The former has more than 10 million downloads, and the latter – one million.

Updating flawed apps

When Kaspersky discovered the malware and notified the developers – Wuta Camera was fixed, and the malware removed. If you are using this app by any chance, make sure to update it to version 6.3.7.138. Max Browser, on the other hand, is still compromised, and the researchers are suggesting deleting the app and switching to a different browser.

Google’s Play Store keeps track of, and displays, the number of downloads. Cumulatively, it is more than 11 million on the platform. However, compromised apps are being distributed through other means, too. Therefore, the number of compromised mobile endpoints is quite likely a lot bigger. Kaspersky found multiple other apps, distributed on third-party websites, carrying the Necro malware, including modded versions of WhatsApp (GBWhatsApp and FMWhatsApp), Spotify (Spotify Plus), Minecraft, Stumble Guys, and many others.

Google is usually very diligent when it comes to protecting its app repository, but even the strongest defenses can sometimes be breached. When downloading new apps, it would be wise not to blindly trust anything found on official stores. Instead, also look at the number of downloads, ratings, and reviews.

Via BleepingComputer

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Facebook
Twitter
Pinterest
WhatsApp

Previous articleMore women are charged with pregnancy-related crimes since Roe’s end, study finds
Next articleAudio-Technica ATH-TWX7 With Up to 24 Hours of Battery Life Debut in India

M Adam
https://technologiesandgadgets.com/

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar