Eleven Apps on the Play Store Were Actually Hiding the Joker Malware
Check Point cybersecurity researchers have discovered that the infamous Joker virus has made a comeback on the Play Store. Malware active since 2017 has been spotted in no less than 11 innocent-looking applications. In all, these apps have accumulated more than 500,000 downloads, claiming as many potential victims.
The Joker malware has identified to steal the bank details of its victims. He can also have access to SMS, emails, and other notifications which allows him to intercept authentication codes, retrieve names and other personal data, subscribe to his victims to paid services, and click on advertisements. or malicious.
'joker' Evolves to Continue Evading Google Police
Originally, “Joker” was funded by subscribing to premium SMS services which, if not caught in time, have worryingly inflated our phone bills. By January, the malware had grown through various code changes, and the WAP billing was largely used. A payment method for operators previously untouched but still active, and which has been used by "Joker" to keep spending our money.
'Joker' continues to be tweaked from time to time to bypass Google Play Protect's security checks and hide in seemingly legitimate apps, but at Check Point Research They tracked it down, posting their findings in a public report that you can check it out here.
The new updated version of "Joker" is capable of downloading additional malware onto our Android phones and tablets, malware which in turn subscribes to premium services at cost to affected users. In the latest disclosure, Check Point Research is located up to 11 different package names in different apps that Google has already withdrawn from the Play Store.
Precautions to Take
For CheckPoint cybersecurity researcher Aviran Hazum, the protection measures put in place by Google on the Play Store are not sufficient to stop malicious applications. “We were able to identify many uploads of Joker on the Google Play Store every week, all of which were downloaded by inexperienced users.
Despite the investments made by Google to protect its platform, Joker malware is complicated to detect. And even though the fraudulent apps have been removed from it, we can expect a mutation of the malware. Everyone must take the time to understand what Joker is and what damage it can cause to the average citizen, ”he explains.
Do Not Download These Apps
The authors of the malware make sure to develop applications that actually provide the advertised service - photo filter or otherwise - in order to lull the vigilance of the victims. As for Google's security measures, hackers make sure to hide the malicious code while it passes the validation phase. Once it is done, they activate the malware remotely and thus can recover sensitive data from their victims' phones.
Here is the list of the eleven applications infected with the Joker virus:
- Image Compress
- WithMe Texts
- FriendSMS
- Relaxation Relaxation
- Cherry Messages
- LovingLove Message
- Recover files
- RemindMe Alarm
- Training Memory Game
Informed of the problem, Google proceeded to remove the problematic applications from the Play Store. If you have downloaded any of these applications, you are advised to uninstall it and run a virus scan with a help of professional antivirus like total security software. Also, check your bank account to make sure that no unexplained transactions were made without your knowledge.
Comments
Post a Comment