Liputan6.com, Jakarta – Security researchers claim to have discovered a new version of the Necro Trojan malware that infects a number of applications on the Google Play Store.
In fact, Android users may have thought that if they downloaded an application from the Google Play Store, the application would be safe.
Moreover, Google claims that it always checks applications before making them available for download by users via the application store.
However, as quoted from GizchinaTuesday (1/10/2024), Necro Trojan malware was found to have infected applications from unofficial sources and from the Google Play Store. One application has even been downloaded more than 10 million times.
Researchers from Kaspersky Securelist believe that the malware spreads through a problematic software development kit (SKD).
The SDK itself helps developers add features, from advertising, analytics, to payment options in applications. Unfortunately, if the SDK is infected, it can actually bring vulnerabilities to the applications that use it.
In this case, the Necro malware displays advertisements in the background to make money for the attacker.
Necro malware can also install applications without users knowing and use hidden WebViews to interact with paid services.