Joker Trojan discovered in 11 Android apps: Reports

As more people use the internet, Android malware is getting more common.

 

On the other hand, there is a huge hazard on the Internet that can cause a lot of problems for consumers.

 

Smartphone malware can steal user data, breach user privacy, snoop on other apps, and encrypt data.

 

The Joker malware is a well-known example of Android malware that goes unnoticed in the Google Play Store.

 

According to ZDNet, cybersecurity researchers uncovered a total of 11 apps infected with the Joker malware that were recently discovered on the Play Store.

 

 

Apps found with joker malware
Source: zScaler

 

 

The apps can also ‘commit financial fraud,’ according to the researchers.

 

They’d had over 30,000 downloads on the app store.

 

The apps promised capabilities for work, communication, and other conveniences like keyboards, according to the researchers from Zscaler’s ThreatLabz.

 

These apps have reportedly been removed from the Google Play Store.

 

The Joker trojan is known for aggressive ‘billing’ by exploiting SMS to sign victims up for premium services.

 

The app also attempts to disguise its traces by hiding any sign-up messages using the ‘read notifications’ permission.

 

The new Joker variants, unlike prior versions of the malware, have a different manner of infecting the device.

 

It uses URL shorteners to download the malware’s payload.

 

Which means, it hides the real server names it downloads the malicious payload from by using links like TinyURL, bit.ly, Rebrand.ly, zws.im, 27url.cn, and others.

 

Joker trojan sneaks through Google’s security: What’s more concerning is that the virus manages to resurface on the Play Store despite Google’s protection.

 

For apps uploaded to the Play Store, the firm uses its internal Bouncer tests, as well as on-device scanning with Google Play Protect.

 

 

Joker malware target category
Source: zScaler

 

 

According to the researchers, despite widespread awareness of this trojan, it continues to make its way into Google’s official app store by modifying its code, execution methods, or payload-retrieving strategies.

 

How can Android users protect themselves?

  • Users must only download well-known apps from the Google Play Store in order to keep their data safe and avoid unauthorized charges while using their Android smartphone.
  • Considering the negative reviews on an app might also tell what a consumer can expect if they download it.
  • Users can also use antivirus programs to scan and remove viruses from their device immediately.

 

 

 

You might also like:

XLoader windows info-stealer malware now designed to attack macOS

WiFiDemon – iPhone Wi-Fi bug could also enable RCE

Pegasus Project – Spyware used to target journalist, activists and others