Threats discovered on Android
Threats discovered on AndroidSecurity researchers at Kaspersky have discovered a new version of the Necro trojan targeting Android users through both Google Play apps and modified APKs (Android application packages) hosted on third-party websites. This malicious software poses a serious threat, capable of stealing sensitive data, installing additional malware, and remotely executing commands on infected devices.
Google Play Apps Removed
Kaspersky researchers identified two apps on the Google Play Store infected with the Necro trojan:
Wuta Camera: Downloaded over 10 million times.
Max Browser: Downloaded over 1 million times.
Google has since removed these infected apps from its Play Store after being notified by Kaspersky.
The researchers also discovered the Necro trojan lurking in unofficial "modded" versions of popular apps, including Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox. These modified APKs, often promising premium features for free, are widely available on third-party websites and pose a significant risk to unsuspecting users.
The attackers employ various methods to distribute the malware. In the case of the Spotify mod, an embedded SDK displayed advertising modules. If a user interacted with a specific image-based module, the trojan payload would be deployed from a command-and-control (C&C) server.
Similarly, the WhatsApp mod exploited Google's Firebase Remote Config cloud service as a C&C server, deploying the trojan upon user interaction with a specific module.
Necro Trojan Capabilities
Once installed, the Necro trojan can perform a range of malicious activities, including:
Downloading and installing malicious files and apps.
Opening invisible browser windows to execute malicious JavaScript code.
Subscribing users to expensive paid services without their knowledge.
Stealing sensitive information like login credentials and financial data.
Protecting Yourself
While the infected Google Play apps have been removed, the risk from modded APKs remains. Kaspersky strongly advises users to:
Avoid downloading apps from untrusted third-party sources.
Only download apps from official app stores like Google Play.
Be wary of apps promising premium features for free.
Install a reputable mobile antivirus solution.
For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine
After ₹1,959.98 crore jolt, IndusInd Bank moves to fix lapses in internal controls
Hindustan Zinc eyes potash, lithium prospects in Rajasthan as it expands beyond core metals
'Luxury, not necessity': Trade body demands 28% GST on e-commerce; seeks crackdown on malpractices
Markets face triple risk: India-Pakistan tension, FII outflows, and earnings storm brewing
Despite restrictions, $10 billion in Indian goods slip into Pakistan each year via backdoor trade: GTRI study
Kenneth Andrade Highlights India's Value Sectors Amid Market Volatility
Kenneth Andrade Talks FII Inflows: India to Attract Global Capital with Strong Growth Story
Pope Francis Dies At 88: Vatican Ritual, Pope Office & Next Pope Explained
Why Article 142 Is Triggering Tug Of War Between Judiciary And Executive | Explained
Gold ETFs Vs. Physical Gold | Jim Rogers' Guide To Crisis Protection
Markets face triple risk: India-Pakistan tension, FII outflows, and earnings storm brewing
India–Pakistan tensions: Why markets may stay resilient despite heightened tensions 
Jio Platforms reports 25.7% profit surge in Q4 FY25, ARPU climbs to Rs 206.2
'A ₹50 crore payoff': How IIT Madras turned a ₹29 lakh bet into a massive Ather Energy windfall
Ather Energy raises Rs 1,340 cr from anchor investors ahead of IPO launch on April 28