Wuta Camera, Max Browser, WhatsApp Mods, Spotify Mods, and Minecraft Mods were found to be infected with a Necro Sideloader. All the apps are shown to contain CoralSDK. If you downloaded any of this remove the apps and wipe your phone.
I have a lot of questions about who is downloading all these camera Apps.
I mean I’m sure it’s anyone not satisfied with the built in app
Yeah, but it doesn’t seem likely they’d be satisfied with these apps either. I mean. It’s not like they’re feature rich. They’re a shell app intended to be malware for the most part. So you’d end up installing it and then going “this isn’t what I wanted” and then uninstalling it, I would think. Photoshop Express is like $4 (might be more now, haven’t checked).
Photoshop Express requires a monthly subscription which is a practice seen as trash by the general population.
Didn’t know that. I generally do photo editing on a computer so it’s not like I’m downloading a bunch of camera apps.
I’d rather not ask
From the picture, yes, Google Play is indeed malware. F-Droid is the way.
did F-Droid not have these apps?
Correct
because of better security, or more obscurity?
Because they only offer open source apps they build themselves
ah ok that makes sense, i didn’t realise they build them in house
Build as in compile
FOSS apps are generally more secure due to auditability of the source. Many eyes, and all that. Although I’m sure there’s also reduced interest from attackers on smaller platforms.
Also, malware devs would have the additional constraint of having to either open source their malware, which they probably don’t want to do, or sideload their payload, which is more work for them.
Bcs of anti-greed policy and those not being open source.
FOSS FTW
Ah yes, This.