Joker Malware – Still A Force to be Reckoned With
The Joker malware, first discovered in 2017, has once again made news as cybersecurity researchers have discovered six apps on the Google Play store that have been compromised with the Joker malware. The six apps have a combined total of over 200,000 downloads.
The Joker malware operates by masquerading as a legitimate application in the Play Store but conducts billing fraud once it has been downloaded and installed on the victim’s phone. It does so by either sending SMS messages to a premium rate number or using the victim’s account to repeatedly make purchases using WAP (Wireless Application Protocol) billing. The fraudulent activity takes place behind the scenes, often times with little to no input needed from the victim, leaving them unaware that they have been scammed until their next phone bill.
Google has removed over 1,700 apps containing the Joker malware from the Play Store since 2017, but researchers at Pradeo have proven that the malware continues to infest the Play Store by uncovering the six new malicious apps.
The following six applications (and their respective number of downloads) were discovered to be infected with the Joker malware:
- Convenient Scanner 2 (100,000+)
- Separate Doc Scanner (50,000+)
- Safety AppLock (10,000+)
- Push Message-Texting&SMS (10,000+)
- Emoji Wallpaper (10,000+)
- Fingertip GameBox (1,000+)
The six applications were quickly removed from the Play Store once the disclosure was made to Google from Pradeo. Any users who have downloaded and installed any of the compromised applications are urged to remove them immediately.
For a more detailed discussion on the Joker malware, visit our earlier posts on the subject:
Sources: