Android Malware Campaign with Rootkit Capabilities
Posted: Mon Apr 27, 2026 9:08 am
Operation NoVoice – Android Malware Campaign with Rootkit Capabilities
Operation NoVoice is a recently reported Android malware campaign discovered by McAfee’s mobile research team. The campaign involved more than 50 Android apps that were available through Google Play and reportedly reached around 2.3 million downloads.
This is not a normal adware or spam campaign. According to security researchers, NoVoice used older Android vulnerabilities to gain deep system access and install a persistent rootkit.
What Makes Operation NoVoice Dangerous?
The dangerous part of this malware is its persistence and depth of control. Once successful, the malware could gain root-level access on vulnerable Android devices.
Possible impact includes:
Operation NoVoice is a recently reported Android malware campaign discovered by McAfee’s mobile research team. The campaign involved more than 50 Android apps that were available through Google Play and reportedly reached around 2.3 million downloads.
This is not a normal adware or spam campaign. According to security researchers, NoVoice used older Android vulnerabilities to gain deep system access and install a persistent rootkit.
What Makes Operation NoVoice Dangerous?
The dangerous part of this malware is its persistence and depth of control. Once successful, the malware could gain root-level access on vulnerable Android devices.
Possible impact includes:
- Root-level device compromise
- Injection of malicious code into other apps
- Data theft and account abuse
- Persistence even after a factory reset
- Difficult removal without reflashing the device firmware