September 23, 2024 at 05:38PM
The Necro trojan is targeting Android users, potentially affecting millions. Kaspersky discovered the Necro campaign in 2019, exposing numerous devices to malware. Popular apps like Wuta Camera and Max Browser were affected, prompting Google to take action. Malicious modifications for apps like WhatsApp and children’s games are also concerning. Kaspersky noted a new technique using steganography in the latest trojan.
From the meeting notes, it’s clear that the Necro trojan has resurfaced, posing a threat to Android users. Kaspersky’s discovery of the Necro campaign in 2019 raised concerns about the potential exposure of millions of devices to this malware. It appears that popular apps are being targeted, either through spoofing or modified versions, leading to infections on Android devices.
Notably, apps such as Wuta Camera and Max Browser have been affected, with Google taking action to remove the Necro code and even removing one app from the Play Store entirely. Kaspersky’s developer, Dmitry Kalinin, emphasized the prevalence of side-loaded spoofed apps and illegitimate modifications as a real problem, particularly for popular apps like Spotify and WhatsApp.
Furthermore, the meeting notes highlight that children’s apps, as well as widely used apps like Minecraft and Stumble Guys, are also being targeted by malicious modders. There is a concern about the difficulty in distinguishing between legitimate and harmful mods, making it imperative for users to avoid downloading from suspicious sources.
Specifically, the latest version of the Necro trojan exhibits a rare technique for mobile malware—using steganography to conceal a payload in the code of a PNG image. However, the trojan’s primary focus appears to be intrusive ads and fake subscription payments rather than exfiltrating sensitive data.
In terms of avoiding such infections, it is recommended to be cautious about downloading from untrustworthy sources. The lack of response from Google regarding the malware issues in its Play Store raises concerns about the level of security provided.
Overall, the discussion surrounding the Necro trojan and Android malware underscores the need for heightened vigilance and caution when downloading apps, especially from unofficial sources.