Cyber Security

Necro Trojan Strikes Google Play, Exposing 11 Million Users, Reports Kaspersky

44
(source: Securelist, Kaspersky)

Kaspersky identified a new version of the Necro Trojan that had infiltrated several popular applications on Google Play and modified applications on unofficial platforms.

Necro is an Android downloader that downloads and runs other malicious components on infected devices. An example of malicious components is the ability to display ads in hidden windows or install apps. The Trojan is also capable of subscribing users to paid services and redirecting internet traffic through the victim’s device, potentially turning it into a proxy botnet for cybercriminals.

“Users often download unofficial, modified apps to bypass restrictions in official applications or to access additional free features. Cybercriminals exploit this behavior, spreading malware with these apps as there is no moderation on third-party platforms,” comments Dmitry Kalinin, cybersecurity expert at Kaspersky.

Based on anonymized statistics of Kaspersky’s solutions from August 26 to September 15, Necro attacks target users in Russia, Brazil, Vietnam, Ecuador, and Mexico as part of this malicious campaign.

Kaspersky experts discovered the Trojan in a modified version of Spotify Plus. They also found it in a modified version of WhatsApp, followed by infected versions of popular games, including Minecraft, Stumble Guys, and Car Parking Multiplayer. Necro was embedded into these applications via an unverified ad module.

Other infected apps include ones in Google Play, such as the Wuta Camera app and Max Browser, which have combined downloads of over 11 million. Fortunately, the malicious code was removed from Wuta Camera, and Max Browser was taken down from the store after the Kaspersky Lab’s report to Google. However, users still risk encountering Necro on unofficial platforms.

To protect against this and other Android cyber threats, Kaspersky experts also recommend:

  • Download apps only from official sources;
  • Regularly update their operating system and installed applications;
  • Use a reliable security solution from a trusted manufacturer whose products are verified by independent test labs, such as Kaspersky Premium.

Kaspersky’s security solutions protect against Necro and detect the downloader as Trojan-Downloader.AndroidOS.Necro.f and Trojan-Downloader.AndroidOS.Necro.h, with the malicious components identified as Trojan.AndroidOS.Necro. To learn more about this Trojan, visit Securelist.com.

Written by
Tech Beat Philippines

Tech Beat Philippines is the social media news platform for all things technology. It is also a part of the GEARS section on Daddy's Day Out.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Daddy’s Day Out is a platform that celebrates modern masculinity and offers a space where men can unite, learn, and grow together. It fosters a community where authenticity, support, and self-expression thrive unapologetically.

Related Articles

Kaspersky Uncovers Scam M4 MacBook Pro Offers Following Influencer Review of Unreleased Model

A Russian content creator recently posted a video review of an unreleased...

Google Is Working on Verified Checkmarks on Search Results

Aiming to secure web browsing for users to avoid fake or harmful...

Excited for “Joker: Folie à Deux”? Kaspersky Warns of Scammers Exploiting on the Film’s Hype

Kaspersky has discovered cybercriminals taking advantage of the excitement surrounding the upcoming...

Kaspersky Shares How One Cyber Breach Can Sink Your Business

Today’s interconnected world allows for more frequent and highly developed cyberattacks. Regardless...