Google's Play Store recently became home to a number of apps infected by the popular Joker malware yet again as discovered by California-based IT security company called Zscaler. While the apps have now been removed from the Google Play Store, they need to be removed if they are present on your smartphone for they can steal your money. Read on to know more about this.
17 Android apps found with Joker malware
As per the report by Zscaler, 17 Android apps were recently found with the Joker malware. For those who don't know, the Joker malware is a popular kind and can steal users' SMS messages, contact lists, and device information. It can even sign up users for premium wireless application protocol (WAP) services without their knowledge.
The malware has been found infecting several Android apps and every time it comes back to infect more with changed code, execution methods, or payload-retrieving techniques.
It is suggested that the infected apps were regularly downloaded and had over 1,20,000 installs on the Google Play Store. Here is the list of apps that were affected:
- All Good PDF Scanner
- Mint Leaf Message-Your Private Message
- Unique Keyboard - Fancy Fonts & Free Emoticons
- Tangram App Lock
- Direct Messenger
- Private SMS
- One Sentence Translator - Multifunctional Translator
- Style Photo Collage
- Meticulous Scanner
- Desire Translate
- Talent Photo Editor - Blur focus
- Care Message
- Part Message
- Paper Doc Scanner
- Blue Scanner
- Hummingbird PDF Converter - Photo to PDF
- All Good PDF Scanner
It is suggested that Joker malware bypassed the Google Play Store in three ways. The first method included direct download wherein the payload was delivered via direct URL via the command and control (C&C) server. The second method included a one-stage download that required a stager payload to download the final payload, while the third method (two-stage download) required two-stager payload to download the final payload. You can know more about this by heading over here.
To remain safe from such malicious apps, users are advised to keep an eye on the type of permissions an app asks for. It's always best to read the comments and reviews of the apps before downloading them.