{"id":53539,"date":"2024-09-23T13:46:46","date_gmt":"2024-09-23T17:46:46","guid":{"rendered":"https:\/\/www.businessupturn.com\/usa\/?p=53539"},"modified":"2024-09-24T13:47:56","modified_gmt":"2024-09-24T17:47:56","slug":"dangerous-new-android-malware-infects-11-million-devices-heres-what-we-know","status":"publish","type":"post","link":"https:\/\/www.businessupturn.com\/usa\/dangerous-new-android-malware-infects-11-million-devices-heres-what-we-know\/53539\/","title":{"rendered":"Dangerous new Android malware infects 11 million devices \u2014 here\u2019s what we know"},"content":{"rendered":"<div class=\"flex max-w-full flex-col flex-grow\">\n<div class=\"min-h-[20px] text-message flex w-full flex-col items-end gap-2 whitespace-normal break-words [.text-message+&]:mt-5\" dir=\"auto\" data-message-author-role=\"assistant\" data-message-id=\"4dacbc1f-4138-4c71-b38e-9a26a3c39747\">\n<div class=\"flex w-full flex-col gap-1 empty:hidden first:pt-[3px]\">\n<div class=\"markdown prose w-full break-words dark:prose-invert dark\">\n<p>Cybersecurity experts have uncovered that malware has managed to infiltrate the Google Play app store due to a compromised software development kit (SDK). This malware, named Necro, has affected at least 11 million devices, and the actual number might be even higher, according to researchers from Kaspersky.<\/p>\n<p>Necro found its way into an advertising SDK called \u201cCoral SDK.\u201d This SDK was designed to help integrate various advertising features into apps. However, it used a technique called steganography to deploy second-stage malware that can perform a range of harmful actions. These include loading ads in hidden WebView windows, downloading and executing arbitrary JavaScript files, enabling fraud, and rerouting malicious traffic.<\/p>\n<p>Two seemingly legitimate apps that included this SDK are Wuta Camera, a photo editing app by \u2018Benqu\u2019 with over 10 million downloads, and Max Browser by \u2018WA message recover-wamr,\u2019 which has about one million downloads.<\/p>\n<h3>Updating Flawed Apps<\/h3>\n<p>After Kaspersky discovered the malware, they alerted the developers, resulting in a fix for Wuta Camera, which has now removed the malware. If you\u2019re using this app, make sure to update it to version 6.3.7.138. Unfortunately, Max Browser remains compromised, and researchers recommend deleting it and switching to another browser.<\/p>\n<p>While Google Play Store tracks downloads and indicates over 11 million cumulative downloads for these apps, compromised applications are also being distributed through other channels. This means the total number of affected devices is likely much larger. Kaspersky identified several other apps available on third-party websites that carry the Necro malware, including modified versions of WhatsApp (GBWhatsApp and FMWhatsApp), Spotify (Spotify Plus), Minecraft, Stumble Guys, and more.<\/p>\n<p>Google typically takes strong measures to secure its app repository, but even the best defenses can occasionally be bypassed. When downloading new apps, it\u2019s important not to trust everything you find on official stores blindly. Always check the number of downloads, ratings, and reviews to help protect yourself from malware.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity experts have uncovered that malware has managed to infiltrate the Google Play app store due to a compromised software\u2026<\/p>\n","protected":false},"author":294,"featured_media":53540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[4131],"class_list":["post-53539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech","tag-malware"],"reading_time":"2 min read","_links":{"self":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts\/53539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/users\/294"}],"replies":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/comments?post=53539"}],"version-history":[{"count":0,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts\/53539\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/media\/53540"}],"wp:attachment":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/media?parent=53539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/categories?post=53539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/tags?post=53539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}