Google removes 6 malicious apps infected with Joker malware
Sep 2, 2020, 16:57 IST
Cybersecurity researchers on Wednesday said they discovered six apps on Google Play store with over 2 lakh downloads in total that were infected with the infamous Joker malware.
The apps are: Convenient Scanner 2, Safety AppLock, Push Message-Texting & SMS, Emoji Wallpaper, Separate Doc Scanner and Fingertip GameBox, reports cyber security firm Pradeo.
"The infected applications have now been deleted from Google Play, but are still installed on the devices of their users," Pradeo said.
Joker is a malicious bot (categorised as Fleeceware) whose main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users.
By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect.
In the last year, the malware was found hiding in hundreds of apps.
"Users are advised to immediately delete them from their device to avoid fraudulent activities," the cyber security firm advised.
Google has removed over 1,700 apps containing Joker malware from the Play Store since 2017.
In July this year, researchers at cybersecurity firm Check Point discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play.
Hiding in seemingly legitimate applications, this updated version of Joker was able to download additional malware to the device, which subscribes the user to premium services without their knowledge or consent.
SEE ALSO:
Google blocked an average of 18 million daily malicious coronavirus messages to Gmail users in the past week as hackers try to capitalize on fear and less secure remote-work setups
Advertisement
The apps are: Convenient Scanner 2, Safety AppLock, Push Message-Texting & SMS, Emoji Wallpaper, Separate Doc Scanner and Fingertip GameBox, reports cyber security firm Pradeo.
"The infected applications have now been deleted from Google Play, but are still installed on the devices of their users," Pradeo said.
Joker is a malicious bot (categorised as Fleeceware) whose main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users.
By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect.
Advertisement
"Users are advised to immediately delete them from their device to avoid fraudulent activities," the cyber security firm advised.
Google has removed over 1,700 apps containing Joker malware from the Play Store since 2017.
In July this year, researchers at cybersecurity firm Check Point discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play.
Hiding in seemingly legitimate applications, this updated version of Joker was able to download additional malware to the device, which subscribes the user to premium services without their knowledge or consent.
Advertisement
Joker, one of the most prominent types of malware for Android, keeps finding its way into Google's official application market as a result of small changes to its code, which enables it to get past the Play store's security and vetting barriers.SEE ALSO:
Google blocked an average of 18 million daily malicious coronavirus messages to Gmail users in the past week as hackers try to capitalize on fear and less secure remote-work setups