Jump to content
  • Sign Up
×
×
  • Create New...

Necro Trojan Detected in Google Play Apps and Modded Versions of Spotify, WhatsApp

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted

This is the hidden content, please

****** ******* Detected in
This is the hidden content, please
Play Apps and Modded Versions of Spotify, WhatsApp

Some 

This is the hidden content, please
Play apps and unofficial mods of popular apps are being targeted by attackers to spread a dangerous malware, according to security researchers. The purported ****** ******* is capable of logging keystrokes, stealing sensitive information, installing additional malware, and remote ********** of commands. Two apps in the
This is the hidden content, please
Play app store have been spotted with this malware. Further, modded (modified) Android application packages (APKs) of apps such as Spotify, WhatsApp, and games like Minecraft were also detected distributing the *******.

This is the hidden content, please
Play Apps, Modded APKs Used to Spread ****** *******

The first time a ******* from the ****** family was spotted was in 2019 when the malware infected the popular PDF maker app CamScanner. The official version of the app in

This is the hidden content, please
Play with more than 100 million downloads posted a risk to users, but a security patch fixed the issue at the time.

According to a

This is the hidden content, please
by Kaspersky researchers, a new version of the ****** ******* has now been spotted in two
This is the hidden content, please
Play apps. The first is the Wuta Camera app which has been downloaded more than 10 million times, and the second is Max Browser with more than a million downloads. The researchers have confirmed that
This is the hidden content, please
 took down the infected apps after Kaspersky reached out to the company.

The main issue stems from a large number of unofficial ‘modded’ versions of popular apps, which are found hosted on a large number of third-party websites. Users can mistakenly download and install them on their Android devices, infecting them in the process. Some of the APKs with the malware spotted by researchers include modified versions of Spotify, WhatsApp, Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox — these modded versions promise users access to features that typically require a paid subscription.

Interestingly, it appears the attackers are using a range of methods to target users. For instance, the Spotify mod contained an SDK which displayed multiple advertising modules, as per the researchers. A command-and-control (C&C) server was being used to deploy the ******* payload if the user accidentally touched the image-based module.

Similarly, in the WhatsApp mod, it was found that the attackers had overwritten

This is the hidden content, please
’s Firebase Remote Config cloud service to use it as the C&C server. Ultimately, interacting with the module would deploy and ******** the same payload.

Once deployed, the malware could “download executable files, install third-party applications, and open arbitrary links in invisible WebView windows to ******** JavaScript code,” highlighted the Kaspersky post. Further, it could also subscribe to expensive paid services without the user knowing.

While the apps in

This is the hidden content, please
Play have already been taken down, users are urged to be careful while downloading Android apps from third-party sources. In case they do not trust the marketplace, they should refrain from downloading or installing any app or files.



This is the hidden content, please

#****** #******* #Detected #

This is the hidden content, please
#Play #Apps #Modded #Versions #Spotify #WhatsApp

This is the hidden content, please

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept