Malicious Joker malware for Android reappears on Google Play; Delete these apps immediately

 Malicious Joker malware for Android reappears on Google Play;  Delete these apps immediately

Such is the case now with a growing list of Android apps that Kaspersky’s Tatyana Shishkova has been tracking and naming on Twitter. Click to Enlarge (Source: Kaspersky) The newest of the bunch include a battery charging animation app, and an app that purportedly lets Android users configure flashing light alerts when receiving a phone call or text message. Fortunately, Google banned both apps from the Play Store before they could spread to a significant amount of devices (just around a dozen between the two), but that hasn’t been the case with all of them. Here’s a list of the apps Joker infested Android apps identified in the past several months, along with the number of installations each one has managed before being kicked from the Play Store.

An Android malware expert at Kaspersky Lab continues to uncover apps in Google Play that look respectable at first sight but have a dangerous underbelly. Since late July, over two dozen applications have been found as containing a Joker trojan, which includes a slew of clever methods for swindling users out of money, spying on text conversations, and more. This has devolved into a game of cat and mouse between the virus author(s) and Google. Joker has been making its way into the Play Store for over a year now, as it is updated with new techniques to avoid detection by Google’s screening procedure. Apps containing new Joker varieties are ultimately uncovered, but they can amass thousands of downloads in the meanwhile.

Highlights

  • In July 2020, Check Point’s Aviran Hazum warned that Google’s Play Store protections were not enough to stop Joker dead in its tracks, as the security outfit was detecting new uploads on a daily basis. He also warned that “we can fully expect Joker to adapt” as Google takes measures to vet apps, and that prediction has proven accurate.

  • Collectively these apps account for more than 99,000 installs according to Shishkova’s Twitter history. Google has banned each of the above apps from the Play Store, but if you already installed any of them you should delete them from your handset or tablet immediately. The Joker malware is no laughing matter. It has the ability to steal text messages, contact lists, and device information. It can also secretly subscribe users to premium services, so there’s a billing fraud angle to the malware as well.