The Google Play Store experienced a security breach due to the Necro Trojan infecting more than 11 million devices through fake versions of legitimate Android apps. This sophisticated malware employed steganography and obfuscation tactics to avoid detection and executed malicious activities such as displaying ads, downloading and running files, and creating tunnels through victims' devices. Among the affected applications were popular games and apps such as Spotify and Minecraft obtained from unofficial sources. The severity of the breach is heightened by the Trojan's ability to subscribe to paid services without user consent, signifying a direct financial impact on affected users.
Source: https://securityaffairs.com/168898/malware/new-necro-trojan-apps-11m-downloads.html
"id": "goo001100324",
"linkid": "google-play",
"type": "Breach",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"