More six apps have been taken down from the Google Play Store after cybersecurity researchers found another highly effective malware inside them that has been putting Android users in trouble for almost three years now. And the worst part is that together these apps have 200,000 downloads.
The Joker malware (as it is named by that) first comes attached as a part of the legitimate app in the Play Store. But as soon as a user installs the app, the malware begins with a billing fraud either by sending an SMS to the premium rate number or it uses the account number of the victim to make purchases on a continuous basis with WAP billing.
Unfortunately, the whole process takes place behind the screens and that also means the victim neither gets a notification nor his input is required anywhere. The only time a targeted user can catch this fraud is when he or she receives the full phone bill along with additional charges.
As the Joker malware has been taking place within the apps since 2017, Google so far has removed 1,700 apps from the Play Store which were associated to the Joker in one way or the other. However, the malware still continues to emerge in different sets of apps and the latest addition in the list are now six more apps - which luckily have been spotted by cybersecurity research company Pradeo.
Among the six new apps, one is called “Convenient Scanner 2” and in terms of downloads, it is the biggest of them all with 100,000 downloads alone belonging to the app. The second on the list is “Separate Doc Scanner” that has 50,000 users and the third is “Safety AppLock” which, because of the claims of providing privacy and protection to the user, has been downloaded 10,000 times and it seems like all the users have been fooled with a malware instead.
There are two more apps with 10,000 downloads 'Push Message-Texting&SMS' and 'Emoji Wallpaper', whereas the last one is ‘Fingertip GameBox’ which has been downloaded 1,000 times.
Once Pradeo informed Google about the malware, all of these six apps were taken down from the app store immediately. And just in case, any user has one of the following apps installed on their Android devices, it is advised to remove them quickly.
Google’s Android Security & Privacy Team in one of its blog posts has described Joker as one of the consistent and biggest threats to the Play Store. The blog post went on to explain how attackers in recent past times have tried every cloaking and obfuscation technique only with the hope of going undetected. Furthermore, as the number of submissions in a single day was used to be massive - with up to 23 different apps - submitted in a single day with the malware, that has served to be a great reason why Joker malware got successful in escaping the gates of Play Store.
In many cases, developers have also first submitted clean apps to the Play Store and once they were up to be downloaded by Android users, only then malicious functionalities were added to them.
The authors of Joker have also been smart enough to post fake reviews in order to encourage users to download the app while considering it as a trust worthy one. However, the ones that Pradeo caught had negative reviews with users posting about the scam that they have been a victim of.
Last but not the least, the group behind Joker is still expected to be active and working on another tricks to make users download more apps that might contain even bigger frauds.
Read next: Researchers Conducted An Endurance Test To Determine The Best Security Product For Android: Avira, Bitdefender, G Data, Norton Trend Micro Are On Top, Google's Performance Is Still Not Satisfactory
The Joker malware (as it is named by that) first comes attached as a part of the legitimate app in the Play Store. But as soon as a user installs the app, the malware begins with a billing fraud either by sending an SMS to the premium rate number or it uses the account number of the victim to make purchases on a continuous basis with WAP billing.
Unfortunately, the whole process takes place behind the screens and that also means the victim neither gets a notification nor his input is required anywhere. The only time a targeted user can catch this fraud is when he or she receives the full phone bill along with additional charges.
As the Joker malware has been taking place within the apps since 2017, Google so far has removed 1,700 apps from the Play Store which were associated to the Joker in one way or the other. However, the malware still continues to emerge in different sets of apps and the latest addition in the list are now six more apps - which luckily have been spotted by cybersecurity research company Pradeo.
Among the six new apps, one is called “Convenient Scanner 2” and in terms of downloads, it is the biggest of them all with 100,000 downloads alone belonging to the app. The second on the list is “Separate Doc Scanner” that has 50,000 users and the third is “Safety AppLock” which, because of the claims of providing privacy and protection to the user, has been downloaded 10,000 times and it seems like all the users have been fooled with a malware instead.
There are two more apps with 10,000 downloads 'Push Message-Texting&SMS' and 'Emoji Wallpaper', whereas the last one is ‘Fingertip GameBox’ which has been downloaded 1,000 times.
Once Pradeo informed Google about the malware, all of these six apps were taken down from the app store immediately. And just in case, any user has one of the following apps installed on their Android devices, it is advised to remove them quickly.
Google’s Android Security & Privacy Team in one of its blog posts has described Joker as one of the consistent and biggest threats to the Play Store. The blog post went on to explain how attackers in recent past times have tried every cloaking and obfuscation technique only with the hope of going undetected. Furthermore, as the number of submissions in a single day was used to be massive - with up to 23 different apps - submitted in a single day with the malware, that has served to be a great reason why Joker malware got successful in escaping the gates of Play Store.
In many cases, developers have also first submitted clean apps to the Play Store and once they were up to be downloaded by Android users, only then malicious functionalities were added to them.
The authors of Joker have also been smart enough to post fake reviews in order to encourage users to download the app while considering it as a trust worthy one. However, the ones that Pradeo caught had negative reviews with users posting about the scam that they have been a victim of.
Last but not the least, the group behind Joker is still expected to be active and working on another tricks to make users download more apps that might contain even bigger frauds.
Read next: Researchers Conducted An Endurance Test To Determine The Best Security Product For Android: Avira, Bitdefender, G Data, Norton Trend Micro Are On Top, Google's Performance Is Still Not Satisfactory
