Urgent warning issued to Android users over malicious threat affecting millions of devices

Just like your PC, your smartphone isn’t free from being at the mercy of bugs and viruses.

A lot of us regularly use our favourite Android-based gadgets to make an obscene amount of online purchases. With that in mind, your go-to smartphone holds a lot of precious personal data and information.

Data that’s best kept out of the wrong hands.

The Android-based bug, Necro, is the latest malware to have its sights set on everyone’s personal data. The nasty bug is capable of not just stealing your personal information, but raking up pricey subscription fees without your knowledge.

Android users are now being warned to keep an eye out for the bug, which has already affected over 11 million devices the world over.

Necro was first discovered way back in 2019. As explained by the cybersecurity firm Kaspersky, the bug was initially found in an app on the Google Play Store. At that time, the bug had attached itself to a 'text recognition app', which had already ranked up over 100 million downloads.

Kaspersky go on to explain that the bug can be found in unofficial custom versions of apps, also referred to as 'mods'. User-modified versions of popular apps, such as Spotify, were the first to be discovered infected with the malicious bug.

Rather than through official Spotify channels, subscribers were being advertised to download a 'Premium Mod; for the music streaming platform. This mod, in the form of an APK file, was said to unlock the Spotify Premium Plus service.

Kaspersky

However, anyone unfortunate enough to click the alluring green download button got a nasty surprise. Instead of unlocking access to millions of songs, their personal data was sent to an attacker's server.

The bug sadly isn’t just prevalent through unofficial means. As reported by The Metro, the Google Play Store is also host to a range of Nero-infected mods.

Apps such as 'all-round camera app' Wuta Camera, was discovered to have the Necro bug. While it has since been removed, the app has been downloaded a staggering 10 million times, which could have put a ton of android users at risk.

The firm states the bug affected the 6.3.2.148 version of the app, and that anyone with it should update it immediately. Clean versions of Wuta Camera start from versions 6.3.7.128 onwards.

While up-to-date version fo the app should be safe, the firm also notes that unofficial versions of Wuta Camera are still around. This means that bug-infected versions of the app likely still exist out in the wild.

How to avoid the Necro bug on your android device

To ensure your personal data stays safe in your hands, and your hands only, Kaspersky have some handy tips. The cybersecurity firm strongly recommends being suspicious of any mods for apps.

Getty images

This includes available mods for other popular apps such as Whatsapp, and even mobile games like Minecraft and Stumble Guys. If anyone is eager to see ‘what games you have on your phone’, just make sure they aren’t adding any mods to them first.

Kaspersky also suggests checking the reviews and ratings of any apps you download to your phone and other android devices. Low ratings can be an indicator of potential bugs, and high-ratings can be a sign that things are too good to be true.

Lastly, while also recommending their own official app, the cybersecurity firm recommends avoiding mods and hacked apps altogether.

While it may be alluring to download an APK of an app not available in the UK, its aftermath could be disastrous for your device, personal data and even your bank account.

Featured image credit: Getty images