"NoVoice" Malware Attacks 2.3 Million Android Users, Hiding in 50 Google Play Apps

NoVoice was found hidden in more than 50 apps on the Google Play Store. (photo: dok. lazaron)

JAKARTA - Security threats are once again haunting the Android ecosystem after a new malware called NoVoice was found hidden in more than 50 applications on the Google Play Store. This attack is estimated to have affected at least 2.3 million users worldwide.

This finding was revealed by researchers from McAfee, who said the malware disguised itself in "safe" looking apps such as system cleaners, photo galleries, and games. Behind their usual appearance, these apps store dangerous capabilities that can take over the device.

Once installed, NoVoice attempts to gain root access by exploiting old security holes in the Android system. With this access, the malware can steal data from various applications, install or delete other applications secretly, and monitor user activity.

Most alarmingly, this malware is designed to be difficult to remove. NoVoice is known to store recovery scripts and backup payloads on the system partition - an area that is not completely deleted even after a factory reset. This means that the device can remain infected even if the user has tried a "total reset".

However, there is good news. Google states that Android devices that have received security updates since May 2021 are relatively safe from this exploit. In addition, the Play Protect feature automatically removes detected malicious applications and prevents new installations.

Even so, users who have downloaded the infected application are still advised to be vigilant. It is possible that personal data has been exposed before the application is deleted by the security system.

Google also reiterated the importance of basic digital security habits: always updating the operating system, downloading apps only from official sources, and paying attention to the access permissions requested by apps.