A brand new harmful malware assault known as “NoVoice” has been found and was talked about in a brand new report in “Bleeping Laptop.” The malware was discovered as payload in additional than 50 apps listed within the Google Play Retailer. The report says that these apps had been put in a complete of two.3 million occasions from Google’s Android app storefront. Workers at cybersecurity researcher McAfee found “NoVoice” and located it inside varied apps akin to system cleaners, video games, and picture galleries.
Essentially the most harmless apps comprise essentially the most harmful payloads
That is how attackers get you. Hiding malware inside what seems to be an harmless and helpful app leads Android customers to put in the app. As soon as put in, the malware delivered because the payload exploits any Android vulnerabilities in an try to get root entry. Not solely will this lead the attackers to choose up data together with usernames and passwords on your monetary companies apps, the malware may also help set up and delete apps onto your telephone with out your information.
In some instances, a part of the malware is put in in such a means that even performing a manufacturing unit reset will not fully eradicate it out of your machine. In terms of “NoVoice,” issues aren’t as bleak as they appears. Google advised Bleeping Laptop that Android units up to date since Might 2021 are protected. Even my Pixel 6 Professional, launched in October 2021, has been up to date as just lately as this yr, giving it safety from the assault.
How one can inform which nation the attackers are from
McAfee discovered that in sure areas, akin to Beijing and Shenzhen in China, the malware did not infect units. This definitely offers you an thought about which nation the assault was developed in. It permits the perpetrators to remain away from home regulation enforcement.
Google Play Retailer itemizing of an app contaminated with NoVoice. | Picture by Bleeping Laptop
In a press release, Google stated that Google Play Defend robotically eliminated the malicious apps and blocked new installations. Google additionally stated that Android customers ought to at all times obtain the most recent safety replace launched for his or her units.
As an added layer of protection, Google Play Defend robotically removes these apps and blocks new iinstallations. Customers ought to at all times set up the most recent safety updates out there for his or her machine.
Sadly, Bleeping Laptop did not title the greater than 50 apps concerned. It did embody a picture of the Play Retailer itemizing of an app known as SwiftClean, which it says carried the NoVoice payload. The developer was Biodun Popoola. The malware will get its title from a silent audio file discovered within the code that performs at no quantity in an effort to have the malicious code run within the background with out getting detected by the consumer. To keep away from malware like this, solely set up Android apps from the Google Play Retailer and in addition ensure that to at all times replace your telephone.
Get Seen as little as $20/mo for 1 yr. Restricted time provide with code: FRESHSTART
Provide Ends 6.1.2026 at 11.59pm ET. New members get $5/mo off the $25/mg Seen plan, $35/mo Seen+ plan, or $45/mo Seen+ Professional plan for the primary 12 months. Promo code FRESHSTART required at checkout.
Purchase at Seen
Learn the most recent from Alan Friedman
