Is Your Device Infected? Android Malware Spreads to Over 2.3 Million Devices

Android malware has been a major concern, with sophisticated malware infecting over 2.3 million devices by exploiting 22 vulnerabilities from 2016-2021 to gain root access, as reported by Tech Advisor. This malware survives factory resets on older unpatched devices and injects code into apps like WhatsApp while gathering device data for targeted attacks. To protect yourself, it is crucial to immediately install Android security updates from May 2021 or newer, only download apps from the Google Play Store, and consider replacing outdated devices for better protection.

McAfee recently discovered a new piece of Android malware named NoVoice on Google Play, hidden within over 50 different Android apps and downloaded at least 2.3 million times. The malware disguises itself within apps that appear to be cleaners, photo galleries, or games, without requesting suspicious permissions during installation, making them inconspicuous.

Once launched, NoVoice attempts to gain root access on Android devices by exploiting old security vulnerabilities from 2016-2021. It then contacts a command-and-control server to send device data for targeted attacks. The malware downloads components to enable a targeted attack, exploiting 22 different vulnerabilities to gain root privileges. It can even survive a device reset by injecting code into every app launched on the device, with WhatsApp being a primary target.

While the malware’s creators remain unidentified, security experts highlight similarities to the Android Trojan Triada. Google has removed the infected apps from Google Play, but if already installed, your device remains infected. Upgrading to a newer device with the latest security patch can effectively mitigate this threat, as NoVoice targets vulnerabilities patched by May 2021.

For protection, only install apps from Google Play, enable Google Play Protect, install a virus scanner, check app permissions and reviews before downloading, and always install Android security updates promptly. Devices running current Android versions with all security updates installed should be safe. McAfee recommends reinstalling the device’s firmware to completely remove the infection, if needed.

In conclusion, it is essential to stay vigilant against Android malware threats by following best practices for app installation, security updates, and device replacement if necessary. Keeping your device protected and up-to-date is crucial in safeguarding against malicious attacks.