A new version of the Necro malware has been discovered to have affected over 11 million Android users through various methods, including malicious app downloads from Google Play and modded versions of popular apps like Spotify and WhatsApp. While Google has removed the malicious apps from the Play Store, third party app stores and modified versions of apps remain a primary method of distribution for the trojan. Once installed, Necro deploys multiple payloads that activate harmful plugins and run adware on devices.
Android Users Beware: Necro Malware Infects Millions Through Spotify, WhatsApp Modded Apps
A sophisticated Android malware known as Necro has emerged as a significant threat, affecting over 11 million users worldwide. The malware has been discovered spreading through malicious app downloads from Google Play and modded versions of popular apps like Spotify and WhatsApp.
Background
Necro is a family of trojan malware that has been targeting Android devices since at least 2019. The malware is known for its persistence and ability to bypass security measures. Previous variants of Necro have infected millions of devices, primarily through fraudulent advertising and phishing campaigns.
Current Attack Vector
The latest version of Necro has been found exploiting the popularity of Spotify and WhatsApp. Attackers have created modified ("modded") versions of these popular apps, which include hidden malicious code that installs the Necro malware. These modded apps are often advertised through third-party app stores and social media platforms, luring victims into downloading them.
Impact
Once installed, Necro deploys multiple payloads that can:
Response
Google has responded to the threat by removing the malicious apps from the Play Store. However, users who have downloaded these apps should immediately uninstall them and scan their devices for malware. Third-party app stores and modified versions of apps remain a primary method of distribution for Necro, so caution is advised when downloading apps from untrusted sources.
Top 5 FAQs
How do I know if my device is infected with Necro?
What should I do if my device is infected?
How can I protect myself from Necro?
Has Necro affected other popular apps?
Is Google doing enough to combat Necro?
Conclusion
The Necro malware attack highlights the ongoing threat posed by malicious apps targeting Android devices. Users should be vigilant when downloading apps, especially from third-party sources. By following security best practices and staying informed about emerging threats, users can protect themselves from this and similar malware attacks.
In a major partnership, Google and Reliance have announced that they will provide Jio users with free access to Google's AI Pro plan, powered by the latest Gemini 2.5 Pro model. This offer, generally worth Rs 35,100, will give eligible users access to enhanced AI image and video generation capabilities, along with increased storage and productivity tools. Additionally, Google Cloud will serve as Reliance Intelligence's strategic AI infrastructure partner, empowering Indian companies to adopt Gemini Enterprise and build complex and capable AI applications domestically.
Google has teamed up with Reliance Intelligence to offer its top-tier AI Pro plan, featuring the latest Gemini 2.5 Pro model, to Jio Unlimited 5G subscribers for 18 months at no additional cost. The collaboration aims to expand access to advanced AI tools for millions of users in India, with an initial rollout to 18-25 year olds before expanding nationwide. Along with Gemini Pro, the plan will also provide higher limits for generating images and videos, expanded access to NotebookLM, and 2 TB of cloud storage. The move reflects a growing trend among telecom providers to bundle premium AI products into their mobile plans, following in the footsteps of Airtel and OpenAI.
Thousands of users worldwide are unable to access critical services such as Azure, Microsoft 365, Teams, Outlook, and the Microsoft Store due to widespread downtime across several of Microsoft's key platforms. The outage has also affected major corporate clients like Starbucks, Kroger, and Costco, highlighting the extent of the problem. While Microsoft has acknowledged the issue and is working on a solution, frustrated users have taken to social media to express their displeasure and even poke fun at the situation.
Elon Musk has once again stirred the tech world with the launch of Grokipedia, his version of Wikipedia, powered by AI. With its first iteration already live, Musk claims that Grokipedia 0.1 is superior to Wikipedia, and version 1.0 will be a whopping 10 times better. As this new platform takes on the task of compiling and updating information with the help of AI, we explore the key differences between Wikipedia and Grokipedia.
Gone are the days of standing in long queues to update your Aadhaar card. With the new rule, you can now make any changes or corrections to your Aadhaar information online, without having to visit an enrolment centre. This means that updating your name, address, date of birth, or mobile number will be faster, simpler, and more secure than ever before. Say goodbye to the hassle and hello to convenience with this game-changing update to the Aadhaar system!
Entrepreneur and inventor Elon Musk has launched a new online encyclopedia called Grokipedia, which he claims will provide a more balanced and unbiased view of controversial subjects compared to Wikipedia. Although some entries on the site appear identical to those on Wikipedia, many users have praised Grokipedia for its nuanced and detail-oriented approach. However, others remain skeptical and have pointed out that some pages on Grokipedia appear to have been lifted directly from Wikipedia without proper credit. Nonetheless, Musk has emphasized that his goal with Grokipedia is to provide "the truth, the whole truth, and nothing but the truth."
During a meeting with Indian Police Service probationers, President Droupadi Murmu emphasized the importance of technology in policing and the potential threat of "digital arrest". Murmu stated that India's economic growth relies on effective policing for maintaining law and order and attracting investment. She also highlighted the role of a future-ready police force, led by young officers, in shaping a technologically-advanced 'Viksit Bharat'. "Digital arrest" refers to a scam where fraudsters pose as law enforcement officials and use threats of arrest and other means to extort money from victims.
South African entrepreneur Elon Musk's social media platform X, formerly known as Twitter, has announced that it will no longer use the Twitter domain for two-factor authentication. This update primarily affects users who utilize hardware security keys or passkeys and they must re-enroll their credentials on X.com before November 10 to avoid being locked out of their accounts. This move reflects Musk's long-standing ambition to revitalize the X.com brand, which he founded in 1999 and later merged with Confinity to create PayPal.
Elon Musk's website X, formerly known as Twitter, has announced that it will no longer support the old Twitter.com domain for users with hardware security keys or passkeys. This means that these users will need to re-enroll their keys or risk being locked out of their account. X has assured users that this change is not due to any security concerns, but rather to migrate away from Twitter's old domain. Users can easily check the status of their 2FA and re-enroll if necessary to stay connected on X.
According to Wikipedia founder Jimmy Wales, claims made by Tesla CEO Elon Musk about the online encyclopedia having a left-wing bias are simply "factually wrong." This comes after Musk urged his followers to stop donating to Wikipedia and announced plans to launch his own version. Wales refutes the idea of a biased Wikipedia, but acknowledges room for improvement in its volunteer community. Musk's criticism of the site intensified after footage of him at a rally sparked controversy.