Researchers from Kaspersky have identified new malicious apps on Google Play that were infected through an unverified SDK, echoing a similar incident from five years ago.
The stealthy malware family known as Necro uses techniques like steganography and clever tradecraft to deliver code that can run with heightened system rights on infected devices.
Malicious software development kits (SDKs) give developers frameworks that speed up app creation, but they can also contain hidden backend functions that compromise user data and security.
The recently discovered variants of Necro upload user data to attacker-controlled servers and execute commands that allow for ongoing updates and infection of the device.