Is your smart phone at risk? 11 million android devices infected by 'Necro Trojan'

Over 11 million Android devices have been infected with a new variant of Necro Loader malware, which is spreading through modified apps and games. 

Cybersecurity firm Kaspersky had reportedly identified this malware in altered versions of popular apps available on the Google Play Store.

The Malware

Kaspersky warns that downloading suspicious apps can lead to the loading of malicious modules capable of executing any DEX files (compiled code for Android), installing additional apps, and tunnelling through the victim's device. These modules can also potentially manage paid subscriptions, display and interact with ads in invisible windows, open arbitrary links, and execute any JavaScript code.

The malware often disguises itself in modified applications of well-known apps such as Minecraft, Spotify, and WhatsApp. While the Wuta Camera has since removed the malware, Kaspersky reports that the Max Browser still contains it.

Modified apps—those that replicate original apps with extra features—are appealing to users looking to bypass restrictions or access paid features for free. Unfortunately, these modified versions can introduce hidden malware disguised as additional functionalities.

Google has confirmed that at least 11 million users have been impacted by the malware, although the true number may be higher due to untracked downloads from unofficial sources and third-party app stores. The company has taken steps to remove the infected apps from the Google Play Store.

Kaspersky's investigation has uncovered a modified version of the popular music streaming app 'Spotify.' Users were reportedly encouraged to download a free version of the app from an unofficial source, which promised an unlocked subscription with unlimited listening both online and offline. However, Kaspersky warns that this version contains malware that could potentially harm devices.