December 4, 2021

Mischievous Joker Android Malware Sneaks Into Google Play Once more, Delete These Apps Now


Android Dolls

An Android malware analyst at Kaspersky continues to show apps in Google play which will seem official at first look, however even have a sinister underside. Every of the practically two dozen apps (to date) recognized since late July comprise a Joker trojan, which itself contains a bag of devious methods to swindle victims out of their cash, spy on textual content messages, and extra.

This has turn out to be a kind of cat-and-mouse sport between the malware writer(s) and Google. For over a 12 months now, Joker has been discovering its method into the Play Retailer because it will get upgraded with new methods of evading detection by Google’s vetting course of. Apps containing new variants of Joker ultimately get uncovered, however can rack up hundreds of downloads within the meantime.

Such is the case now with a rising checklist of Android apps that Kaspersky’s Tatyana Shishkova has been monitoring and naming on Twitter.

Android Apps
Click on to Enlarge (Supply: Kaspersky)

The latest of the bunch embody a battery charging animation app, and an app that purportedly lets Android customers configure flashing mild alerts when receiving a cellphone name or textual content message. Happily, Google banned each apps from the Play Retailer earlier than they may unfold to a major quantity of gadgets (simply round a dozen between the 2), however that hasn’t been the case with all of them.

Here is a listing of the apps Joker infested Android apps recognized prior to now a number of months, together with the variety of installations each has managed earlier than being kicked from the Play Retailer…

  • Battery Charging Animation Bubble Results: 10+
  • Flashlight Flash Alert on Name: 1+
  • Straightforward PDF Scanner: 10+
  • Good TV Distant: 1,000+
  • Hall0ween Coloring: 1+
  • Basic Emoji Keyboard: 5,000+
  • Quantity Booster Louder Sound Equalizer: 100+
  • Tremendous Hero-Impact: 5,000+
  • Battery Charging Animation Battery Wallpaper: 1,000+
  • Dazzling Keyboard: 10+
  • EmojiOne Keyboard: 50,000+
  • Now QRcode Scan: 10,000+
  • Blender Picture Editor-Straightforward Picture Background Editor: 5,000+
  • QR Code Scanner: 0+
  • Free QR Scanner: 0+
  • Kitty LockScreen: 100+
  • Digicam Translator: 1,000+
  • Free Discuss Message: 10,000+
  • Import QR Scanner: 1,000+
  • Miniature Pictures: 1+
  • 3D Stay Wallpaper: 10,000+
  • Free OpenScan: Not talked about
  • Spotlight Picture Editor: Not talked about
Collectively these apps account for greater than 99,000 installs in keeping with Shishkova’s Twitter history. Google has banned every of the above apps from the Play Retailer, however for those who already put in any of them you need to delete them out of your handset or pill instantly.
The Joker malware is not any laughing matter. It has the flexibility to steal textual content messages, contact lists, and system info. It may possibly additionally secretly subscribe customers to premium companies, so there is a billing fraud angle to the malware as effectively.
In July 2020, Verify Level’s Aviran Hazum warned that Google’s Play Retailer protections weren’t sufficient to cease Joker useless in its tracks, because the safety outfit was detecting new uploads every day. He additionally warned that “we will totally anticipate Joker to adapt” as Google takes measures to vet apps, and that prediction has confirmed correct.

Leave a Reply

Your email address will not be published. Required fields are marked *