A report from Kaspersky shows that more than 11 million Android devices have been infected with Necro malware through two seemingly harmless applications on Google Play.
Necro was first discovered in 2019 in the text recognition app CamScanner with over 100 million downloads on Google Play.

Recently, cyber security researchers have discovered that Necro has reappeared both in popular applications on Google Play and in various app versions on unofficial websites. The new version of this malware has been upgraded with more features.
Kaspersky experts believe that the developers of legitimate applications may have used an unverified ad integration tool, which helped Necro infiltrate.
Wuta Camera and Max Browser, two popular apps on Google Play, have been found to contain Necro malware with a total of over 11 million downloads.
Necro has been able to bypass security systems using a technique called steganography, which hides malware inside images. Once on a device, the malware takes control, downloads additional malware, and even secretly subscribes to paid services without the user knowing.
Users should immediately remove apps like Wuta Camera (infected versions 6.3.2.148 to 6.3.6.148) and Max Browser if installed.
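For anyone auditing several devices over adb, the version range above can be checked mechanically. The following is an added example, not code from Kaspersky or from the original article: it parses the text printed by `adb shell dumpsys package <package>` and compares each `versionName` numerically against the stated range. The package name and the sample output are constructed placeholders.

```python
import re

# Infected Wuta Camera range as stated in the article (inclusive on both ends).
INFECTED_MIN = (6, 3, 2, 148)
INFECTED_MAX = (6, 3, 6, 148)

_VERSION_LINE = re.compile(r"^\s*versionName=(\S+)\s*$", re.MULTILINE)
_DOTTED = re.compile(r"[0-9]+(?:\.[0-9]+)*")


def parse_version(text):
    """Turn '6.3.4.148' into (6, 3, 4, 148); None if it is not dotted digits."""
    text = text.strip()
    if not _DOTTED.fullmatch(text):
        return None
    return tuple(int(part) for part in text.split("."))


def is_infected_version(version_name):
    """True when the version lies inside the inclusive infected range.

    Comparison is numeric per component: as plain strings, '6.3.10.148'
    would sort before '6.3.2.148' and be misclassified.
    """
    version = parse_version(version_name)
    return version is not None and INFECTED_MIN <= version <= INFECTED_MAX


def audit(dumpsys_output):
    """Return a (versionName, verdict) pair for every versionName line found."""
    results = []
    for name in _VERSION_LINE.findall(dumpsys_output):
        if parse_version(name) is None:
            verdict = "unknown"  # unparseable: review by hand, do not guess
        elif is_infected_version(name):
            verdict = "infected-range"
        else:
            verdict = "outside-range"
        results.append((name, verdict))
    return results


# Constructed sample: trimmed dumpsys output for a placeholder package name.
SAMPLE = """\
Packages:
  Package [com.example.wutacamera] (abc123):
    versionCode=148 minSdk=21 targetSdk=33
    versionName=6.3.4.148
"""

if __name__ == "__main__":
    for version, verdict in audit(SAMPLE):
        print(version, verdict)
```

A verdict of "outside-range" only means the installed build is not in the range the article lists; it says nothing about other apps on the device.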
31 apps that steal bank account information should be deleted immediately (September 3, 2024)
The 31 malicious apps below are capable of stealing login information to bank accounts without the user's permission.
Security researchers have discovered a malware called “Daam” that can bypass security applications installed on smartphones and cause many serious consequences.

This type of malware is assessed by experts as having a sophisticated way of operating, being able to steal data, collect sensitive information, eavesdrop and record all incoming and outgoing calls on the victim's smartphone, including calls made via applications such as Messenger, Telegram or WhatsApp...
According to CloudSEK experts, there are 3 applications containing Daam malware:
- Psiphon application creates a virtual private network (VPN).
- Boulders mobile game.
- Currency Pro currency value converter application.
In addition, international information security research organizations said they have discovered 28 applications that tend to spread malware, disguised as useful applications to trick users into installing them. 17 of these applications disguise themselves as VPN tools, advertised as helping users browse the web more securely and hide their real information on the Internet.
28 apps containing malicious code include:
- Lite VPN;
- Anims Keyboard;
- Blaze Stride;
- Byte Blade VPN;
- Android 12 Launcher;
- Android 13 Launcher;
- Android 14 Launcher;
- CaptainDroid Feeds;
- Free Old Classic Movies;
- Phone Comparison;
- Fast Fly VPN;
- Fast Fox VPN;
- Fast Line VPN;
- Funny Char Ging Animation;
- Limo Edges;
- OK VPN;
- Phone App Launcher;
- Quick Flow VPN;
- Sample VPN;
- Secure Thunder;
- Shine Secure;
- Speed Surf;
- Swift Shield VPN;
- TurboTrack VPN;
- Turbo Tunnel VPN;
- Yellow Flash VPN;
- VPN Ultra;
- Run VPN.
Experts warn that users whose devices contain these applications should remove them quickly to avoid risk. To stay safe, users should also avoid downloading unfamiliar applications, enable the Google Play Protect feature in Google Play to be protected from malware, and use reliable anti-virus solutions.
NGate malware uses NFC reader to drain victims' money (August 27)
Cybersecurity firm ESET has discovered an Android malware that uses the NFC reader on an infected device to capture payment data from the phone and relay that information to a crook.
This malware uses the NFCGate toolkit to analyze NFC traffic, hence the name NGate.

This malware would allow crooks to use the victim's data to withdraw money at ATMs or pay for purchases at POS (point of sale) terminals.
An NGate attack begins with an instant message containing a link to a fake website that collects the victim's login credentials; the message asks the victim to install an application because there is a problem with their tax return. Based on the collected information, the attacker gains access to the target's bank account.
The attacker then poses as a bank employee, calls the victim and sends a text message containing a link to an app, which is actually the NGate malware. The attacker then asks the victim to enable NFC on their phone and swipe their card.
Using the compromised smartphone, NGate can relay NFC data from the victim's card to the attacker's smartphone, which can then emulate the card. From there, the crook will receive real-time information and withdraw money from the ATM.
Thanks to Google Play Protect's automatic protection, no apps containing NGate are currently detected on Google Play.
Warning: New malware specializes in stealing money and wiping Android devices
Security experts have discovered a new Android malware called 'BingoMod' that can steal money from bank accounts and wipe out victims' phone data.
BingoMod typically disguises itself as popular mobile security apps, and is distributed via phishing SMS messages to trick users into installing it. Once installed, the malware asks users to grant access to accessibility services, allowing it to take full control of the device to steal login credentials, take screenshots, intercept messages, and even conduct fraudulent transactions directly on the device.

According to research results, this malware can steal up to more than 16,000 USD (about 404 million VND) in each transaction.
In addition, after successfully withdrawing money, BingoMod can also erase data on the phone, making it difficult for victims to recover information.
BingoMod is still in development at the moment and will definitely become more dangerous in the future.
Therefore, experts warn that, to protect their bank accounts and personal data, Android users need to be especially vigilant with SMS messages containing links to download unfamiliar applications, especially those with security-related names. In addition, users should carefully check the developer information and read other users' reviews before installing any application.
How to check if your smartphone has malicious apps installed
Users can use the "Play Protect" feature that Google has built into Google Play to check whether any applications containing malicious code have been installed on their smartphone.
To use this feature, open the Google Play app store -> tap the account icon in the upper right corner -> select "Play Protect" -> tap the "Scan" button.
After scanning, if the message "No harmful applications found" appears, your phone is safe.
However, Play Protect only protects your smartphone from apps that Google has identified as malicious. In cases where Google has not identified apps containing malicious code, this feature cannot warn users.
How to remove malicious apps on Android smartphones
To remove malicious applications on Android smartphones, go to Settings -> select the Applications tab -> select Manage applications -> find the application you want to remove, tap it and select Uninstall.