Mischievous Joker Android Malware Sneaks Into Googe Play Again, Delete These Apps Now

Android Dolls

An Android malware analyst at Kaspersky continues to reveal apps in Google play that will seem reliable at first look, however even have a sinister underside. Every of the almost two dozen apps (to date) recognized since late July include a Joker trojan, which itself includes a bag of devious methods to swindle victims out of their cash, spy on textual content messages, and extra.

This has turn into a kind of cat-and-mouse sport between the malware creator(s) and Google. For over a yr now, Joker has been discovering its approach into the Play Retailer because it will get upgraded with new methods of evading detection by Google’s vetting course of. Apps containing new variants of Joker ultimately get uncovered, however can rack up hundreds of downloads within the meantime.

Such is the case now with a rising checklist of Android apps that Kaspersky’s Tatyana Shishkova has been monitoring and naming on Twitter.

Android Apps
Click on to Enlarge (Supply: Kaspersky)

The latest of the bunch embrace a battery charging animation app, and an app that purportedly lets Android customers configure flashing mild alerts when receiving a cellphone name or textual content message. Luckily, Google banned each apps from the Play Retailer earlier than they might unfold to a big quantity of units (simply round a dozen between the 2), however that hasn’t been the case with all of them.

Here is an inventory of the apps Joker infested Android apps recognized prior to now a number of months, together with the variety of installations each has managed earlier than being kicked from the Play Retailer…

  • Battery Charging Animation Bubble Results: 10+
  • Flashlight Flash Alert on Name: 1+
  • Straightforward PDF Scanner: 10+
  • Sensible TV Distant: 1,000+
  • Hall0ween Coloring: 1+
  • Traditional Emoji Keyboard: 5,000+
  • Quantity Booster Louder Sound Equalizer: 100+
  • Tremendous Hero-Impact: 5,000+
  • Battery Charging Animation Battery Wallpaper: 1,000+
  • Dazzling Keyboard: 10+
  • EmojiOne Keyboard: 50,000+
  • Now QRcode Scan: 10,000+
  • Blender Picture Editor-Straightforward Picture Background Editor: 5,000+
  • QR Code Scanner: 0+
  • Free QR Scanner: 0+
  • Kitty LockScreen: 100+
  • Digicam Translator: 1,000+
  • Free Speak Message: 10,000+
  • Import QR Scanner: 1,000+
  • Miniature Pictures: 1+
  • 3D Stay Wallpaper: 10,000+
  • Free OpenScan: Not talked about
  • Spotlight Picture Editor: Not talked about
Collectively these apps account for greater than 99,000 installs based on Shishkova’s Twitter history. Google has banned every of the above apps from the Play Retailer, however for those who already put in any of them it’s best to delete them out of your handset or pill instantly.
The Joker malware isn’t any laughing matter. It has the flexibility to steal textual content messages, contact lists, and system data. It may well additionally secretly subscribe customers to premium companies, so there is a billing fraud angle to the malware as effectively.
In July 2020, Examine Level’s Aviran Hazum warned that Google’s Play Retailer protections weren’t sufficient to cease Joker useless in its tracks, because the safety outfit was detecting new uploads each day. He additionally warned that “we are able to totally anticipate Joker to adapt” as Google takes measures to vet apps, and that prediction has confirmed correct.

Be the first to comment

Leave a Reply

Your email address will not be published.