Tin tức

Ác mộng mới nhất của Android: Triệu thiết bị bị nhiễm malware tinh vi

Posted on by admin
29
Sep

Cơn ác mộng mới nhất của Android: hàng triệu thiết bị bị nhiễm malware cực kỳ tinh vi! Bạn có thể nghĩ rằng một ứng dụng được liệt kê trên Cửa hàng Chơi sẽ là an toàn để tải xuống. Đó là điều mà Google muốn bạn tin, và đến một mức độ lớn là đúng. Nhưng trong thế giới kỹ thuật số này, không có dịch vụ nào là chắc chắn hoàn toàn. Có rất nhiều trường hợp khi các ứng dụng được tải xuống rộng rãi trên Cửa hàng Chơi bị nhiễm malware. Trong khi Google vẫn cam kết rằng thị trường ứng dụng là an toàn, một sự cố khác đã hé lộ ánh sáng. Các nhà nghiên cứu an ninh đã phát hiện ra một loại malware Trojan mới gọi là Necro không chỉ nhiễm vào các ứng dụng được tải xuống thông qua nguồn không chính thức mà còn vào những ứng dụng trên Cửa hàng Chơi, bao gồm cả một ứng dụng với hơn 10 triệu lượt tải. #malware #Android #Necro #PlayStore #Cyberguy

Đi thêm vào đó, nhưng phương pháp cụ thể để nhiễm máy viên mãn với malware vẫn chưa rõ ràng. Các nhà nghiên cứu tại Securelist của Kaspersky tin rằng một kit phần mềm phát triển phần mềm (SDK) điệp viên mà có thể chịu trách nhiệm cho sự vi phạm. SDK là công cụ cần thiết mà các nhà phát triển sử dụng để thêm các tính năng cụ thể vào ứng dụng của mình, như dịch vụ quảng cáo, phân tích hay xử lý thanh toán. #SDK #Kaspersky #malware #Necro

(Nguồn: CyberGuy)

Android vẫn có nhiều rủi ro khi nói đến malware, và Necro là một minh chứng cho điều đó. Việc phát hiện ra Necro trong các ứng dụng như Wuta Camera, Max Browser và các mod game phổ biến chỉ cho thấy vấn đề an ninh cực kỳ nghiêm trọng trong thế giới ứng dụng. Với hơn 11 triệu thiết bị Android bị ảnh hưởng, việc cẩn thận với việc tải xuống ứng dụng của bạn là rất quan trọng. #WutaCamera #MaxBrowser #Android #GooglePlay #security

(Nguồn: CyberGuy)

Nguồn: https://www.foxnews.com/tech/androids-latest-nightmare-millions-devices-infected-sneaky-malware

You’d think an app listed on the Play Store would be safe to download. That’s what Google wants you to believe, and it’s true to a large extent. But in this digital world, no service is foolproof. 

Time and time again, there have been instances when widely downloaded apps on the Play Store were infected by malware. While Google continues to promise that the app market is safe, another incident has come to light. 

Security researchers have discovered a new Trojan malware called Necro that not only infects apps downloaded through unofficial sources but also those on the Play Store, including one with more than 10 million downloads.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Man with android

A man scrolling on his Android phone  (Kurt “CyberGuy” Knutsson)

How does Necro infect apps

The exact method by which both apps were initially compromised with the malware is still unclear. Researchers at Kaspersky’s Securelist believe a rogue software development kit (SDK) used for integrating advertising functionalities may be responsible for the breach. SDKs are essential tools developers use to add specific features to their apps, such as ad services, analytics or payment processing. 

CLICK HERE FOR MORE U.S. NEWS

When an SDK is compromised, it can inadvertently introduce vulnerabilities into the applications that utilize it. In this case, the malware affecting the apps displayed ads in the background to generate fraudulent revenue for the attackers, installed apps and APKs without the user’s consent and used invisible WebViews to interact with paid services.

The Trojan in question, Necro, isn’t exactly new. It’s the same malware that infected a popular document scanner called CamScanner in 2019, which at that time had over 100 million downloads.

android on desk

An Android phone on a desk  (Kurt “CyberGuy” Knutsson)

ANDROID BANKING TROJAN EVOLVES TO EVADE DETECTION AND STRIKE GLOBALLY

Which apps are affected?

Kaspersky researchers identified several apps affected by the Necro Trojan, including those available in Google Play. Their combined audience numbered more than 11 million Android devices.

The first affected app is the Wuta Camera, a photo editing and beautification tool. It has at least 10 million times. The Necro loader has been embedded in it starting from version 6.3.2.148. The latest version of the app, 6.3.6.148, which was available on Google Play, also had it. After the researchers reported the presence of malicious code to Google, the Trojan was removed from the app in version 6.3.7.138.

The second infected app was Max Browser. This browser, according to Google Play, has been installed more than a million times and, starting with version 1.2.0, also contained the Necro loader. Google took down the infected app from the Play Store after it was reported.

Kaspersky also found WhatsApp mods that had the Necro loader in unofficial sources. It also spotted the Spotify mod called “Spotify Plus,” which promises free access to ad-free premium services. Plus, the report mentions mods for popular games like Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox, all of which were infected with the Necro loader.

Mods, or modifications, are altered versions of original apps or games that often provide additional features or tweaks.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

android phone

An Android phone  (Kurt “CyberGuy” Knutsson)

ANDROID BANKING TROJAN MASQUERADES AS GOOGLE PLAY TO STEAL YOUR DATA

What is Google’s response to this?

Google is aware of the Necro malware and, as I mentioned above, it has already taken down the affected apps. A Google spokesperson provided us with the following statement:

“All of the malicious versions of the apps identified by this report were removed from Google Play prior to report publication. Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”

THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION 

4 ways to protect yourself from Necro malware

1. Have strong antivirus software: Android has its own built-in malware protection called Play Protect, but the Necro Trojan proves it’s not enough. Historically, Play Protect hasn’t been 100% foolproof at removing all known malware from Android phones. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2. Download apps from reliable sources: It’s important to download apps only from trusted sources like the Google Play Store. You might say I am contradicting myself, but Play Store is still safer than other options out there. It has strict checks to prevent malware and other harmful software. However, even with the security measures provided by Google Play, downloading apps from the store does not guarantee 100% protection against malware or harmful software. Avoid downloading apps from unknown websites or unofficial stores because they can pose a higher risk to your personal data and device. Never trust download links that you get through SMS.

3. Be cautious with app permissions: Always review the permissions requested by apps before installation. If an app requests access to features that seem unnecessary for its function, it could be a sign of malicious intent. Do not give any app accessibility permissions unless you really need to. Avoid granting permissions that could compromise your personal data.

4. Regularly update your device’s operating system and apps: Keeping your software up to date is crucial because updates often include security patches for newly discovered vulnerabilities that could be exploited by trojans.

ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS

Kurt’s key takeaways

The discovery of the Necro loader in apps like Wuta Camera, Max Browser and popular game mods shows just how serious security issues can be in the app world. With over 11 million Android devices affected, it’s crucial to be careful about where you download your apps. Unofficial sources can be a breeding ground for hidden threats, but the Play Store isn’t completely safe either. Google should look into what apps it allows on its platform. I haven’t seen as many malware issues affecting iPhone apps as there are on Android.

CLICK HERE TO GET THE FOX NEWS APP

Do you think Google does enough to protect users from malware on the Play Store? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com.  All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.


[ad_2]

admin

Leave a Reply

Your email address will not be published. Required fields are marked *