Jump directly to the content

ANDROID owners have been urged to delete two apps hosting malware that secretly sign you up to subscriptions, among other tricks.

The two apps, which have been downloaded 11million times collectively, are carrying a new strain of Necro malware.

BRAZIL – 2021/08/25: In this photo illustration the Android logo seen displayed on a smartphone with a malware alert in the background. (Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images)
1
BRAZIL – 2021/08/25: In this photo illustration the Android logo seen displayed on a smartphone with a malware alert in the background. (Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images)Credit: Getty

The malware installs at least four malicious payloads into infected devices, including:

  • Adware that loads links through invisible WebView windows and can display unwanted adverts on your device.
  • Modules that download and execute arbitrary JavaScript and DEX files.
  • Tools that facilitate subscription fraud, where you are secretly signed up to fake memberships.

READ MORE ON ANDROID

  • Mechanisms that use infected devices as proxies to route malicious traffic, which cybercriminals use to hide their tracks.

Necro was first discovered by cybersecurity experts as Kaspersky back in 2019.

However, the team has since confirmed that Necro has returned to the Google Play store inside two apps, for a fresh wave of attacks on Android phones.

The first app is Wuta Camera by little-known developer 'Benqu', with over 10million downloads, which masquerades as a photo editing and beautification tool.

The second app is Max Browser from a developer called 'WA message recover-wamr', which had 1million downloads.

Horror Android mistake lets crooks clone your bank card in seconds for spending spree – and even silently withdraw cash

How to spot a dodgy app

Detecting a malicious app before you hit the 'Download' button is easy when you know the signs.

Follow this eight-point checklist when you're downloading an app you're unsure about:

  1. Check the reviews - be wary of both complaints and uniformly positive reviews by fake accounts.
  2. Look out for grammar mistakes - legitimate app developers won't have typos or errors in their app descriptions.
  3. Check the number of downloads - avoid apps with only several thousand downloads, as it could be fake.
  4. Research the developer - do they have a good reputation? Or, are totally fake?
  5. Check the release date - a recent release date paired with a high number of downloads is usually bad news.
  6. Review the permission agreement - this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
  7. Check the update frequency - an app that is updated too frequently is usually indicative of security vulnerabilities.
  8. Check the icon - look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps.

All of this information will available in both Apple's App Store and the Google Play Store.

Google has been notified of the findings, and has since removed Max Browser from the platform.

However, Wuta Camera is still available to download because the malware was removed in a recent update.

That being said, any payloads that might have been installed in the older versions of the app may still lurk on Android devices.

While Google is generally very good at detecting and removing malicious apps - some do slip through the cracks.

If you have downloaded one of these apps, it is advised to delete them immediately.

If you suspect your Android device is infected, you can download a trusted antivirus app like Malwarebytes or Bitdefender from the Google Play Store.

These apps will scan your phone for any threats, and give you steps on how to block adware.

It's also advised to keep an eye on your bank account for any fraudulent subscriptions and purchases, and report them to your bank.

Must-know Android tips to boost your phone

Get the most out of your Android smartphone with these little-known hacks:

Topics