Researchers discovered the NoVoice Android malware hidden within 50 apps on the Google Play Store, potentially compromising over 2.3 million devices through persistent system-level exploits and data theft.

Key Points

• Cybersecurity firm McAfee identified NoVoice malware disguised as legitimate system cleaners, image galleries, and games.
• The malware exploits older Android vulnerabilities to gain root access, steal user data, and silently install or remove applications.
• Infected devices may retain the malware even after a factory reset due to recovery scripts stored on the system partition.
• Google confirmed that devices updated with security patches released after May 2021 are protected against these specific exploits.
• Google Play Protect has been updated to automatically remove the malicious apps and block any new installation attempts.

Why it Matters

This incident highlights significant security vulnerabilities within the official Google Play Store ecosystem despite Google's strict oversight policies. It underscores the critical importance of maintaining current software updates, as older devices remain susceptible to persistent malware that can bypass standard factory reset procedures.