The researchers of Kaspersky have identified a new version of a Necro, and a trojan is installed through the SDK's of the advertisements on the many applications of the distributed Store, Google Play, or modified versions of the applications that will be recognized, including Spotify, and WhatsApp. Based on initial assessments, the malware has infected about 11 million devices around the world (including in Italy).
The description of the Necro
The Norton found out Necro on the two applications to be published to the Google Play Store. One of them is the Wuta Camera, downloaded over 10 million times. Trojani he was eliminated in the version of the 6.3.7.138. The second one is the Max This about a million downloads), which Google took the following actions.
Two of the applications, including Coral SDK, is used to display the ad. The code errësua to hide his activities. The Malware was derived from an image, PNG, using an algorithm steganografie.
Necro is distributed also through a version of the modified Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Third -. The Malware works, as well as the charger, including a download of the load to the other server in the distance. After the infection of the device, it can automatically activate the appendix of a different show this ad to generate profits to download the APK without the user's knowledge and abonohet in-services and premium.
Based on surveys completed by 15 September, the largest number of victims has been found in Russia, Brazil, and Vietnam. In Italy, were identified in 186 the device to be infected. Users must update their applications to the above mentioned, or to remove them, and protect you with the installation of the APK's from unknown sources and use an antivirus.
Discussion about this post