{"id":1879277,"date":"2026-04-12T09:31:33","date_gmt":"2026-04-12T06:31:33","guid":{"rendered":"https:\/\/analyse.optim.biz\/?p=1879277"},"modified":"2026-04-12T09:31:33","modified_gmt":"2026-04-12T06:31:33","slug":"milioane-de-utilizatori-android-in-alerta-50-de-aplicatii-din-google-play-au-fost-infectate-cu-un-soft","status":"publish","type":"post","link":"https:\/\/analyse.optim.biz\/?p=1879277","title":{"rendered":"Milioane de utilizatori Android, \u00een alert\u0103: 50 de aplica\u021bii din Google Play au fost infectate cu un soft&#8230;"},"content":{"rendered":"<p>[analyse_image type=&#8221;featured&#8221; src=&#8221;https:\/\/cdn.adh.reperio.news\/image-a\/ae0ea02b-cd2c-4ab8-bdd7-451e07f6d576\/index.jpeg?p=f%3Djpeg%26w%3D1200%26h%3D630%26r%3Dcover&#8221;]<\/p>\n<article class=\"svelte-t0js42\">\n<nav>\n<ul class=\"breadcrump svelte-xauq0s\">\n<li class=\"svelte-xauq0s\"><a href=\"\/\" title=\"Adev\u0103rul\" class=\"svelte-xauq0s\">Home<\/a><\/li>\n<li class=\"svelte-xauq0s\"><a href=\"\/stil-de-viata\" class=\"svelte-xauq0s\">Stil de via\u021b\u0103<\/a><\/li>\n<li class=\"svelte-xauq0s\"><a href=\"\/stil-de-viata\/tehnologie\" class=\"svelte-xauq0s\">Tehnologie<\/a><\/li>\n<li class=\"svelte-xauq0s\"><a href=\"https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/milioane-de-utilizatori-android-in-alerta-50-de-2522184.html\" class=\"svelte-xauq0s\">Milioane de utilizatori Android, \u00een alert\u0103: 50 de aplica\u021bii din Google Play au fost infectate cu un soft periculos<\/a><\/li>\n<\/ul>\n<\/nav>\n<p><main class=\"svelte-t0js42\"><\/p>\n<p>Malware-ul NoVoice a fost descoperit \u00een 50 de aplica\u021bii Android din Google Play, cu 2,3 milioane de desc\u0103rc\u0103ri, reu\u0219ind s\u0103 evite detectarea \u0219i s\u0103 vizeze dispozitivele neactualizate.<\/p>\n<div class=\"container-image  svelte-jd4qiv\"><source type=\"image\/webp\" srcset=\"https:\/\/cdn.adh.reperio.news\/image-a\/ae0ea02b-cd2c-4ab8-bdd7-451e07f6d576\/index.jpeg?p=a%3D1%26co%3D1.05%26w%3D1400%26h%3D750%26r%3Dcontain%26f%3Dwebp 1400w\" media=\"(min-width: 1400px)\" \/><\/p>\n<div class=\"caption\">Sistem de operare Android FOTO: Shutterstock<\/div>\n<\/div>\n<p>Hackerii nu au ocolit sistemele de ap\u0103rare ale Google Play. Au intrat direct pe u\u0219a din fa\u021b\u0103.<\/p>\n<p>Desc\u0103rcat de peste 2,3 milioane de ori, expun\u00e2nd poten\u021bial milioane de dispozitive, malware-ul NoVoice se reg\u0103se\u0219te \u00een aplica\u021bii instalate direct din Google Play Store, un scenariu neobi\u0219nuit \u00een care acesta a extras date sensibile de pe dispozitivele infectate, scrie <a href=\"https:\/\/www.techrepublic.com\/article\/news-novoice-malware-android-google-play-50-apps\/?fbclid=IwY2xjawREGxBleHRuA2FlbQIxMABzcnRjBmFwcF9pZBAyMjIwMzkxNzg4MjAwODkyAAEemz4TIPfalMfkL8NxjflHIPnau_zyuVEJiSZEXqEiQn8DqHhHuVqmgqd3MUY_aem_zr-VMC7rTprSP3coNeHGIw\" rel=\"nofollow\">TechRepublic.<\/a><\/p>\n<p>Identificat pentru prima dat\u0103 de cercet\u0103torii de la McAfee, aplica\u021biile afectate au fost ulterior raportate \u0219i eliminate de Google. De\u0219i nu au fost numi\u021bi oficial autori ai atacului, comportamentul malware-ului sugereaz\u0103 un tipar familiar unor grupuri cunoscute, ceea ce a determinat noi avertismente pentru utilizatorii Android s\u0103 r\u0103m\u00e2n\u0103 vigilen\u021bi.<\/p>\n<h2>Un malware t\u0103cut \u0219i neobi\u0219nuit<\/h2>\n<p>\u00cen timp ce multe programe malware care vizeaz\u0103 utilizatorii Android provin din aplica\u021bii instalate din surse externe sau sunt introduse dup\u0103 desc\u0103rcarea aplica\u021biei, acest malware a compromis direct Google Play Store.<\/p>\n<p>Prin dezvoltarea \u0219i publicarea unor jocuri, aplica\u021bii de cur\u0103\u021bare \u0219i galerii foto aparent inofensive \u00een Google Play Store, atacatorii au reu\u0219it s\u0103 ascund\u0103 comportamentul mali\u021bios \u00een timpul verific\u0103rii codului de c\u0103tre Google, p\u00e2n\u0103 dup\u0103 instalarea aplica\u021biei de c\u0103tre utilizator. Prin faptul c\u0103 aplica\u021biile chiar ofereau func\u021bionalit\u0103\u021bile promise, malware-ul a evitat detectarea timpurie.<\/p>\n<p>Odat\u0103 ce aplica\u021bia infectat\u0103 este lansat\u0103, malware-ul \u201e<i>adormit<\/i>\u201d se activeaz\u0103 \u0219i \u00eencearc\u0103 mai \u00eent\u00e2i s\u0103 exploateze vulnerabilit\u0103\u021bi vechi din Android, remediate \u00eentre 2016 \u0219i 2021, potrivit BleepingComputer.<\/p>\n<p>Dac\u0103 reu\u0219e\u0219te s\u0103 ob\u021bin\u0103 acces root prin aceste vulnerabilit\u0103\u021bi, malware-ul evit\u0103 sistemele de ap\u0103rare ascunz\u00e2nd componentele mali\u021bioase \u00een pachete care par legitime. Ulterior, extrage un cod criptat ascuns \u00een fi\u0219iere aparent inofensive \u0219i \u00eel \u00eencarc\u0103 \u00een memorie pentru execu\u021bie.<\/p>\n<p>Potrivit cercet\u0103torilor, imediat ce este \u00eenc\u0103rcat \u00een memorie, colecteaz\u0103 identificatori specifici dispozitivului, precum detalii hardware, versiunea kernelului \u0219i a Androidului, aplica\u021biile instalate \u0219i statusul root. Cu aceste date, contacteaz\u0103 un server de comand\u0103 \u0219i control (C2) \u0219i repet\u0103 procesul la fiecare 60 de secunde, primind instruc\u021biuni suplimentare adaptate dispozitivului.<\/p>\n<p>\u00cen aceast\u0103 etap\u0103, malware-ul urm\u0103re\u0219te s\u0103 ob\u021bin\u0103 control complet asupra sistemului prin rootarea dispozitivului. Cercet\u0103torii McAfee au identificat 22 de exploit-uri diferite, inclusiv vulnerabilit\u0103\u021bi ale kernelului \u0219i ale driverelor GPU.<\/p>\n<p>Dup\u0103 compromiterea dispozitivului, malware-ul \u00eenlocuie\u0219te pachete Android esen\u021biale cu versiuni modificate, pentru a controla execu\u021bia sistemului.<\/p>\n<h2>Capacit\u0103\u021bi periculoase \u00een faza final\u0103<\/h2>\n<p>Pentru a-\u0219i atinge scopul final, malware-ul poate instala \u0219i \u0219terge automat aplica\u021bii, reporni dispozitivul pentru a-\u0219i reactiva componentele \u0219i chiar fura date din aplica\u021bii securizate precum WhatsApp sau aplica\u021bii bancare.<\/p>\n<p>Potrivit cercet\u0103torilor cita\u021bi de BleepingComputer, <a href=\"https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/12-milioane-de-smartphone-uri-atacate-de-troieni-2449328.html\">malware-ul poate extrage datele interne ale WhatsApp<\/a> \u0219i le poate folosi pentru a clona sesiunea pe dispozitivul atacatorului.<\/p>\n<h2>Cum poate fi detectat \u0219i prevenit atacul<\/h2>\n<p>Dup\u0103 raportarea incidentului de c\u0103tre McAfee, Google a eliminat imediat aplica\u021biile mali\u021bioase. Un purt\u0103tor de cuv\u00e2nt al companiei a confirmat c\u0103 dispozitivele Android actualizate dup\u0103 mai 2021 sunt protejate, deoarece vulnerabilit\u0103\u021bile exploatate au fost deja remediate.<\/p>\n<p>Nu au fost publicate listele celor 50 de aplica\u021bii infectate, \u00eens\u0103 pentru siguran\u021b\u0103 este recomandat ca utilizatorii s\u0103 \u00ee\u0219i actualizeze constant dispozitivele \u0219i s\u0103 instaleze aplica\u021bii doar de la dezvoltatori de \u00eencredere.<\/p>\n<p><a href=\"https:\/\/adevarul.ro\/stiri-interne\/societate\/utilizatorii-android-sfatuiti-sa-isi-verifice-2426945.html\">\u00cen func\u021bie de modul de operare al malware-ului, <\/a>utilizatorii afecta\u021bi pot observa consum excesiv de baterie, reporniri nea\u0219teptate \u0219i dispari\u021bia sau reinstalarea misterioas\u0103 a aplica\u021biilor.<\/p>\n<p><\/main><\/p>\n<footer class=\"svelte-t0js42\">\n<div class=\"related-wrap related-footer svelte-1t8qpgs\"><span class=\"related-label svelte-1t8qpgs\">Cite\u0219te \u0219i<\/span><a class=\"related svelte-1t8qpgs\" data-gtrack='{\"event\":\"utm_click\",\"data\":{\"event_category\":\"article_related\"}}' href=\"https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/de-ce-este-android-16-periculos-sistemul-de-2450960.html\" title=\"Alt articol de interes pentru tine\"><img decoding=\"async\" class=\"thumb svelte-1t8qpgs\" src=\"https:\/\/cdn.adh.reperio.news\/image-a\/ae0ea02b-cd2c-4ab8-bdd7-451e07f6d576\/index.jpeg\" alt loading=\"lazy\" width=\"80\" height=\"54\"><span class=\"title svelte-1t8qpgs\">De ce este Android 16 periculos: sistemul de operare \u201espart\u201d \u00een telefoanele inteligente populare<\/span><\/a><a class=\"related svelte-1t8qpgs\" data-gtrack='{\"event\":\"utm_click\",\"data\":{\"event_category\":\"article_related\"}}' href=\"https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/vesti-proaste-pentru-soferi-aplicatia-waze-va-2464931.html\" title=\"Alt articol de interes pentru tine\"><img decoding=\"async\" class=\"thumb svelte-1t8qpgs\" src=\"https:\/\/cdn.adh.reperio.news\/image-f\/f6e29634-651a-490d-9683-d71406f96983\/index.jpeg\" alt loading=\"lazy\" width=\"80\" height=\"54\"><span class=\"title svelte-1t8qpgs\">Ve\u015fti proaste pentru \u015foferi: aplica\u021bia Waze va \u00eenceta s\u0103 func\u021bioneze pe anumite telefoane cu Android. Modelele vizate<\/span><\/a><a class=\"related svelte-1t8qpgs\" data-gtrack='{\"event\":\"utm_click\",\"data\":{\"event_category\":\"article_related\"}}' href=\"https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/android-la-poluri-opuse-ce-ofera-telefoanele-2509265.html\" title=\"Alt articol de interes pentru tine\"><img decoding=\"async\" class=\"thumb svelte-1t8qpgs\" src=\"https:\/\/cdn.adh.reperio.news\/image-f\/f779ebf5-ac21-467a-bb39-6fca9a9dc8a2\/index.jpeg\" alt loading=\"lazy\" width=\"80\" height=\"54\"><span class=\"title svelte-1t8qpgs\">Android la poluri opuse: ce ofer\u0103 telefoanele entry-level \u0219i high-end pentru cei ce vor un nou smartphone<\/span><\/a><\/div>\n<div class=\"meta svelte-t0js42\">\n<div class=\"authors svelte-t0js42\"><a href=\"\/author\/672\" rel=\"author\" class=\"svelte-t0js42\">\u0218tefan Borcea<\/a><\/div>\n<div class=\"tags svelte-12okeyl\"><span class=\"tags-label metaFont svelte-12okeyl\">Cite\u0219te mai multe despre<\/span><\/p>\n<div class=\"tags-list svelte-12okeyl\"><a href=\"\/tag\/android\" title=\"Ultimele \u0219tiri despre android\" class=\"tag-pill svelte-12okeyl\">android<\/a><a href=\"\/tag\/alerta\" title=\"Ultimele \u0219tiri despre alerta\" class=\"tag-pill svelte-12okeyl\">alerta<\/a><a href=\"\/tag\/google%20play\" title=\"Ultimele \u0219tiri despre google play\" class=\"tag-pill svelte-12okeyl\">google play<\/a><\/div>\n<\/div>\n<\/div>\n<p><a class=\"moreFromCategory svelte-t0js42\" href=\"\/stil-de-viata\/tehnologie\" title=\"Tehnologie\">Mai multe din <strong class=\"svelte-t0js42\">Tehnologie<\/strong> \u203a<\/a><\/footer>\n<\/article>\n<p>[analyse_source url=&#8221;https:\/\/adevarul.ro\/stil-de-viata\/tehnologie\/milioane-de-utilizatori-android-in-alerta-50-de-2522184.html&#8221;]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[analyse_image type=&#8221;featured&#8221; src=&#8221;https:\/\/cdn.adh.reperio.news\/image-a\/ae0ea02b-cd2c-4ab8-bdd7-451e07f6d576\/index.jpeg?p=f%3Djpeg%26w%3D1200%26h%3D630%26r%3Dcover&#8221;] Home Stil de via\u021b\u0103 Tehnologie Milioane de utilizatori Android, \u00een alert\u0103: 50 de aplica\u021bii din Google Play au fost infectate cu un soft periculos Malware-ul NoVoice a fost descoperit \u00een 50 de aplica\u021bii Android din Google Play, cu 2,3 milioane de desc\u0103rc\u0103ri, reu\u0219ind s\u0103 evite detectarea \u0219i s\u0103 vizeze dispozitivele neactualizate. Sistem [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89],"tags":[19,226],"class_list":["post-1879277","post","type-post","status-publish","format-standard","hentry","category-romania","tag-adevarul","tag-crawlmanager"],"_links":{"self":[{"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=\/wp\/v2\/posts\/1879277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1879277"}],"version-history":[{"count":0,"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=\/wp\/v2\/posts\/1879277\/revisions"}],"wp:attachment":[{"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1879277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1879277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/analyse.optim.biz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1879277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}