Necro Android Malware Found in Popular Apps on Google Play Store

A new version of the Necro Android malware has been discovered hidden in altered versions of popular Android apps, including Wuta Camera and Max Browser, on the Google Play Store. These malicious apps have been downloaded over 11 million times, affecting users worldwide.

  • Compromised Apps: The malware was found in legitimate apps like Wuta Camera (10+ million downloads) and Max Browser (1+ million downloads). While Max Browser has been removed from the Play Store, Wuta Camera has been updated to remove the malware.
  • Obfuscation and Steganography: The new version of Necro malware uses obfuscation techniques and steganography to hide malicious payloads, making detection difficult. It downloads and executes arbitrary files, displays ads in invisible windows, and can subscribe users to paid services.
  • Modular Architecture: Necro’s modular structure enables it to perform a wide range of malicious activities on infected devices, including creating a tunnel through the victim's device, executing arbitrary code, and loading intrusive ads.
  • Delivery via Unofficial Apps: The malware is often distributed through modded versions of popular apps found on unofficial app stores, increasing its reach.
  • Global Spread: Between August 26 and September 15, 2024, blocked over 10,000 Necro malware attacks globally, with Russia, Brazil, Vietnam, Mexico, and Italy being among the most affected countries.

    The rise of Necro malware demonstrates the growing sophistication of Android malware, utilizing rare techniques like steganography for evasion. This emphasizes the importance of downloading apps from trusted sources and maintaining robust mobile security.


Keep your Android devices secure with Net Protector Mobile Security, providing proactive defense against malware, data theft, and malicious applications.

Stay ahead of emerging threats with Net Protector Cyber Security – your trusted defense against mobile malware and cyber attacks.