Recently, Google removed 6 malicious apps with 2 lakh downloads from Google Play Store. Read on to know more…
Recently, cybersecurity researchers revealed that they discovered six apps on Google Play store with over 2 lakh downloads in total that were infected with the dreaded Joker malware. According to researchers at cybersecurity company Pradeo, Google has removed over 1,700 apps containing Joker malware from the Play Store since 2017. In the last year, the Joker malware was found hiding in hundreds of apps.
The deleted apps from Google Play Store includes Convenient Scanner 2, Safety AppLock, Push Message-Texting & SMS, Emoji Wallpaper, Separate Doc Scanner and Fingertip GameBox, reports cyber security firm Pradeo.
In July this year, researchers at cybersecurity firm Check Point discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play.
About Joker Malware
Joker is a malicious bot categorised as Fleeceware whose main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unknown to users. In a broader sense, Joker is a ‘trojan’ malware which is activated only when a user interacts with it in the form of an app installation as such.
Repercussions
Of the six apps uncovered as delivering Joker, one called ‘Convenient Scanner 2’ has been downloaded over 100,000 times alone, while ‘Separate Doc Scanner’ has been downloaded by 50,000 users.
Another app, ‘Safety AppLock’, claims to ‘protect your privacy’ and has been installed 10,000 times by unfortunate victims who will eventually find that the malicious download harms, rather than protects, them. Two more apps have also received 10,000 downloads each – ‘Push Message-Texting&SMS’ and ‘Emoji Wallpaper’, while one named Fingertip GameBox has been downloaded 1,000 times.
Working Mechanism
Joker, one of the most prominent types of malware for Android, keeps finding its way into Google’s official application market as a result of small changes to its code, which enables it to get past the Play store’s security and vetting barriers. In several cases, the malicious apps have been able to bypass the defences of the Play Store by submitting clean apps to begin with, only to add malicious functionalities at a later date.
The Joker malware hides in seemingly legitimate applications and is capable of accessing SMS and other device information. The latest version of Joker was able to download additional malware to the device and then the malware discreetly subscribes to premium services from infected devices without user’s consent or knowledge.
The activity occurs behind the scenes and without any input required from the user, meaning they often won’t find out that they’ve been scammed until they receive a phone bill full of additional charges.