Android Malware Infects Over 2.3 Million Devices – Is Yours One?

Security experts have recently uncovered a new Android malware called NoVoice that has infected over 2.3 million devices through various apps on Google Play. The malware, hidden within seemingly harmless apps like cleaners, photo galleries, and games, doesn’t raise any suspicion during installation as it delivers the promised functionality without requesting any suspicious permissions.

Once launched, NoVoice attempts to gain root access on the device by exploiting old Android security vulnerabilities dating back to 2016. It then communicates with a command-and-control server to gather data about the infected device, including hardware, Android version, installed apps, and root status. This information is used to determine the appropriate attack strategy. The malware downloads additional components to execute a targeted attack by exploiting 22 different vulnerabilities to bypass security measures and gain root access.

What makes NoVoice particularly dangerous is its ability to survive a device reset, as it modifies parts of the system software that are not typically reset. The malware injects code into every app launched on the device, with WhatsApp being a primary target. Security experts have drawn parallels between NoVoice and the notorious Android Trojan Triada due to similarities in their behavior.

Google has since removed the infected apps from Google Play, but devices that have already been infected remain at risk. The best protection against NoVoice is to install all security updates released after May 2021, as the malware targets vulnerabilities that have been patched by this time. Users are advised to update their Android devices to the latest software version or consider replacing them if they cannot receive security updates.

Devices running current versions of Android with all available security updates installed should be safe from NoVoice. However, older or unpatched devices may still be vulnerable to the malware’s root exploit. Users are encouraged to only download apps from Google Play, enable Google Play Protect, install a virus scanner, and carefully review app permissions, downloads, and reviews before installation.

In conclusion, the threat posed by NoVoice underscores the importance of staying vigilant against malware attacks on Android devices. By following best practices for app installation and security updates, users can protect themselves from potential threats.