Wuta Camera, Max Browser, WhatsApp Mods, Spotify Mods, and Minecraft Mods were found to be infected with a Necro Sideloader. All the apps are shown to contain CoralSDK. If you downloaded any of this remove the apps and wipe your phone.

      • atrielienz@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        Yeah, but it doesn’t seem likely they’d be satisfied with these apps either. I mean. It’s not like they’re feature rich. They’re a shell app intended to be malware for the most part. So you’d end up installing it and then going “this isn’t what I wanted” and then uninstalling it, I would think. Photoshop Express is like $4 (might be more now, haven’t checked).

        • Lun0tic@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          3 months ago

          Photoshop Express requires a monthly subscription which is a practice seen as trash by the general population.

          • atrielienz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 months ago

            Didn’t know that. I generally do photo editing on a computer so it’s not like I’m downloading a bunch of camera apps.

  • enkers
    link
    fedilink
    English
    arrow-up
    42
    arrow-down
    22
    ·
    3 months ago

    From the picture, yes, Google Play is indeed malware. F-Droid is the way.

          • Kevin@lemmy.ca
            link
            fedilink
            English
            arrow-up
            19
            ·
            3 months ago

            Because they only offer open source apps they build themselves

          • enkers
            link
            fedilink
            English
            arrow-up
            8
            ·
            edit-2
            3 months ago

            FOSS apps are generally more secure due to auditability of the source. Many eyes, and all that. Although I’m sure there’s also reduced interest from attackers on smaller platforms.

            Also, malware devs would have the additional constraint of having to either open source their malware, which they probably don’t want to do, or sideload their payload, which is more work for them.