Another day, another Android malware – This time; The Joker malware is here not to creep you out but steal from you.
While “The Joker” might be your favorite villain fighting the dark knight, a new malware that goes by the name of it may not entertain you.
It has been recently discovered by researcher Aleksejs Kuprins, that The Joker malware infected 24 apps on the Google Play Store which had over 472,000 installations.
See: New Android ransomware uses pornographic posts to infect devices
After successfully being deployed, the malware tricks and scams users by signing them up for premium subscription services all without their knowledge. It does so by using the background component and stealthily clicking on advertisements and other processes intended to reach its final goal.
Finally, since an authorization code would be required usually for confirming payments, it accesses the user’s SMS messages and copies any code needed.
However unlike most malwares, it only targets users in specific countries. This is evident as the apps infected contain mobile country codes from which the sim should belong to for it to receive the payload.
For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription, wrote Kuprins in his blog post.
For the time being, Google has removed the apps from its store but if you happen to have one installed, it’s time to get rid of it. Here’s the list of those apps:
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security – Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera –
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper
Remember, lately, Play Store has been making headlines espically for being home to apps infected with dangerous malware. Just a couple of days ago, over 400 Flashlight apps on Play Store were caught asking unnecessary and dangerous permissions to access private data of Android users.
See: Simjacker vulnerability lets attackers track your location with an SMS
If you are on Android there are certian precautions you need to take before downloading an app for instence, use reliable anti-virus software, scan your device regulerly and avoid downloading unessirry apps from Play Store and third-party platforms.
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.