New version of Android malware infects millions of devices through Google Play  

A new version of Android malware was found being distributed through advertising software kits used by legitimate apps on Google Play 

Updated - September 24, 2024 01:28 pm IST

Legitimate apps on Google play were used to spread a new version of Necro Android malware.

Legitimate apps on Google play were used to spread a new version of Necro Android malware. | Photo Credit: Reuters

Legitimate apps on Google play are being used to spread a new version of Necro Android malware. The malware capable of downloading Adware to sign up users to subscriptions without their knowledge and use devices to funnel malicious traffic was spread through advertising development kits used by legitimate apps. These included apps like Spotify, WhatsApp, and Minecraft, a report from Bleeping Computer said.

The malware reportedly infected 11 million devices via Google Play.

The malware, first discovered by researchers at Kaspersky, hides its malicious activities and downloads a payload on the impacted devices. The payload disguises itself as harmless PNG images, which are then used for malicious purposes.

Outside the Play Store, the malware is primarily spread through modified promising free subscriptions or improved user experience of popular apps that are distributed through unofficial websites.

Some of the mods that were found infected with the malware include WhatsApp mods that promise better privacy controls and extended file-sharing limits. Another is the Spotify mod, that promises free access to ad-free premium services.

Researchers also found mods of popular online games including mods of Minecraft, Stumble Guys, Car Parking, and Melon Sandbox. And since unofficial Android app stores do not report download numbers, the exact extent of infected devices is yet to be ascertained.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.