The Android Play Store, a bustling hub for app downloads, has become a target for malicious actors. Recent research from Kaspersky SecureList reveals that the infamous Necro malware has infected over 11 million Android devices, infiltrating popular applications like Wuta Camera and Max Browser.
The malware’s reach is extensive, encompassing various popular apps, including modified versions of WhatsApp from unofficial sources and even a Spotify mod disguised as ‘Spotify Plus,’ designed to mimic the premium service. It also appears in modified versions of popular games such as Minecraft and Melon Sandbox.
Wuta Camera, specifically versions 6.4.2.148 to 6.4.7.138, was identified as carrying the Necro malware before its removal. Similarly, Max Browser, despite being downloaded over a million times, has been taken down from the Play Store after versions 1.2.0 and above were found to contain the Necro loader.
The Necro malware’s insidious strategy is to generate revenue by stealthily running processes in the background of your phone. While you might notice a performance hit, the malware is designed to remain hidden. Its primary function is to generate ad revenue by opening and clicking on advertisements through invisible windows.
In response to this threat, Google has confirmed that all known infected apps have been removed from the Play Store. They also emphasize that Google Play Protect, the default antivirus on most Android devices, should have protected the majority of users.
Despite Google’s efforts, it’s always prudent to be cautious. If you’re concerned about potential Necro or other malware infections on your device, using a reliable antivirus scanner is highly recommended. Several antivirus programs are available for Android devices, and you can find helpful resources to guide you through removing malware and viruses from your phone.
