Millions of Android Devices Under Attack: Necro Trojan Strikes via Google Play Apps

Published:

Another day, another Android malware scare! This time, it’s the Necro Trojan wreaking havoc, sneaking its way into millions of Android devices through – wait for it – *Google Play apps*. Yup, the supposedly “safe” apps you grab from the Play Store aren’t so safe after all. Shocker, right?

Max Browser can no longer be found on the Play Store
Max Browser can no longer be found on the Play Store

The antivirus ninjas at Kaspersky have caught this Necro Trojan slithering into Android phones using sneaky supply chain attacks through compromised advertising SDKs. You probably didn’t expect your innocent camera app to be a malware taxi, but here we are. According to the report, this digital devil has been hiding in apps like Benqu’s Wuta Camera (with over 10 million downloads – let that sink in) and the now-vanished Max Browser (snagged over a million downloads before getting the boot). 

Necro Trojan’s been partying in Wuta Camera since version 6.3.2.148 (July 18), while Max Browser’s latest version 1.2.0 still has the Trojan. Yes, you can stop searching – Max Browser is gone from the Play Store, thank the Google gods.

Oh, and it gets better (sarcasm fully intended). Necro’s are also found in modified versions of popular apps like WhatsApp, Spotify, and Minecraft, distributed through shady websites. So, if you’re feeling adventurous enough to download apps from sketchy places, congrats – you’re probably on the Necro guest list.

 

So, What Does Necro Do Besides Ruining Your Day?

The Necro Trojan is like a parasite feeding off your phone. It sneaks in some adware, loading invisible websites to rack up cash for the hacker while draining your phone’s data. It can also execute random code on your device (because why not?), subscribe you to stuff you never asked for, and reroute malicious traffic to cover its tracks. Basically, it’s like inviting a guest who then lets their weird friends trash your house.

Google’s already investigating – cue the dramatic eye roll – but that doesn’t help much if you’re already infected. If you’ve downloaded either of these apps, step one: uninstall them *immediately*. Step two: grab a solid antivirus and scan your device. Step three: change those passwords, just in case. Sure, the Trojan isn’t known for hijacking accounts *yet*, but let’s not take any chances, okay?

Also, keep Google Play Protect on – you know, that thing we all take for granted? It’s your bodyguard, scanning apps before they sneak into your phone and tossing alerts your way if something smells fishy. If you were bold enough to turn it off, here’s how to bring it back:

  1. Open the Google Play Store.
  2. Tap your profile icon at the top right.
  3. Go to Play Protect → Settings.
  4. Flip that switch to turn on “Scan apps with Play Protect.”

And voilà – Play Protect is back, ready to slap any malware in the face before it gets too cozy in your phone.

So yeah, just another day in the Android Wild West. Stay sharp, and maybe think twice before downloading that next “cool” app.

Related articles

spot_img

Recent articles

spot_img