This stealthy malware disguised itself within popular apps, including game mods and modified versions of well-known applications like Spotify, WhatsApp, and Minecraft.

Once installed, Necro wreaked havoc on infected devices by:

  • Displaying unwanted ads: Necro used hidden web pages to bombard users with intrusive advertisements.
  • Downloading malicious scripts: Harmful scripts were downloaded and executed on infected devices.
  • Tricking users into subscriptions: Necro employed deceptive tactics to coerce users into unwanted subscription charges.
  • Using devices as proxies: Infected devices were turned into proxies to facilitate malicious internet traffic.

Necro’s Discovery on Google Play

Cybersecurity experts at Kaspersky uncovered Necro lurking within two popular apps available on Google Play، which downloaded over 11 millions times.

Wuta Camera: This photo editing app, with over 10 million downloads, was infected with Necro from version 6.3.2.148 to 6.3.6.148.
Max Browser: This browser, with 1 million downloads, also contained Necro in its latest version, 1.2.0.

Both apps were compromised through a malicious advertising SDK called ‘Coral SDK,’ which cleverly disguised its harmful intentions.

External Sources of Infection

Beyond Google Play, Necro spread primarily through modified versions of popular apps, often found on unofficial websites. Examples include WhatsApp mods like ‘GBWhatsApp’ and ‘FMWhatsApp,’ as well as Spotify mods like ‘Spotify Plus.’ Other infected apps included mods for games like Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox.

To safeguard your Android device from Necro and other malware threats:

  • Keep your device and apps updated: Regular updates often include security patches to address vulnerabilities.
  • Use a reputable antivirus app: A reliable antivirus solution can detect and remove malware.
  • Be cautious of suspicious links and attachments: Avoid clicking on unknown or suspicious content.

Additional Precautions

  • Review app permissions carefully: Before installing an app, examine the permissions it requests. Excessive or unrelated permissions could be a red flag.
  • Read app reviews: Check what other users have to say about an app to identify potential issues.
  • Be wary of free apps: While free apps are convenient, they may sometimes harbor malware. Consider paying for reputable versions.

By following these guidelines, you can significantly reduce your risk of falling victim to Necro and other Android malware threats.