Necro Trojan Infects 11 Million Android Devices via Google Play and Modded Apps

Security researchers discovered the malware in popular apps like Wuta Camera and Max Browser, as well as modified versions of Spotify and WhatsApp.

The Necro Trojan, first identified in 2019, has resurfaced and infected over 11 million Android devices.
Researchers found the malware in two Google Play apps: Wuta Camera and Max Browser, with over 10 million and 1 million downloads respectively.
Necro is also spreading through modded versions of popular apps such as Spotify, WhatsApp, and Minecraft, distributed via unofficial sources.
The malware uses advanced techniques like steganography and SDK obfuscation to avoid detection and execute malicious payloads.
Google has removed the infected apps from the Play Store and advises users to enable Play Protect and avoid downloading apps from unofficial sources.