Joker malware has resurfaced and was downloaded over 5 lakh times before it was removed from the app store.
Pradeo, a mobile security research firm, discovered the Joker malware in an Android app named Color Message. Over 5 lakh people have downloaded the app. The Joker malware has been operating for at least two years. According to Pradeo, Joker is fleeceware, and its main function is to simulate clicks and intercept SMS in order to subscribe the user to premium paid services that the user does not want. All of this is carried out by the Joker malware without the users’ knowledge or consent.
The malware makes use of as little code as possible and hides it well, resulting in a very small footprint that is difficult to detect. Furthermore, the Joker malware has been discovered in hundreds of apps during the last two years, according to Pradeo.
Color Message, the app in which the malware was discovered, was found to be connected to Russian servers. While the app has since been deleted from the Google Play Store, screenshots released by Pradeo show that it was disguised as a messaging platform designed to make texting fun, beautiful, and easy. Moreover, despite the fact that many reviewers gave Color Message a one-star rating, the app’s average score was 4.1 stars.
According to the mobile security firm’s study of the app, it was accessing users’ contact lists and sending them across the network in an unauthorised manner. Meanwhile, without the user’s knowledge, the app was automatically subscribing the user to unwanted paid premium services. Pradeo further stated that the app made it difficult for users to uninstall it by hiding its icon once it was installed on the smart device.
The firm added that previous apps containing Joker malware had been downloaded between 1,000 and 1 lakh times before being removed from the Google Play Store. However, it appears that after users uninstall the app, the spyware is likewise removed from the smart device.