Necro Trojan infiltrates Google Play and Spotify and WhatsApp mods

Sept. 24, 2024, 1:37 p.m.

Description

A new version of the Necro Trojan has infected various popular applications, including game mods and apps on Google Play, potentially affecting over 11 million Android devices. The multi-stage loader uses steganography to hide payloads and obfuscation to evade detection. Its modular architecture allows for targeted delivery of updates or new malicious modules. The Trojan can display ads, download and execute arbitrary files, install applications, open links in invisible windows, run tunnels through victim devices, and potentially subscribe to paid services. Infected apps include Wuta Camera, Max Browser, and modified versions of Spotify, WhatsApp, and games like Minecraft.

Date

  • Created: Sept. 24, 2024, 1:15 p.m.
  • Published: Sept. 24, 2024, 1:15 p.m.
  • Modified: Sept. 24, 2024, 1:37 p.m.

Indicators


Attack Patterns

  • Necro
  • xHelper
  • Triada
  • CanesSpy
  • T1574.006
  • T1102.002
  • T1573.001
  • T1027.002
  • T1059.004
  • T1095
  • T1056.001
  • T1071.001
  • T1036.005
  • T1204.002
  • T1176
  • T1047
  • T1140
  • T1027

Additional Information

  • Brazil
  • Russian Federation