With more and more people using the internet on the regular basis, incidents of dangerous malware affecting mobile phones are rising at a fast speed. The infamous Joker malware is back and has reportedly managed to spread undetected through Google Play store, yet again.
This isn’t the first time that we are hearing about Joker malware. Most malwares like Joker come with abilities to affect smartphone users and steal their personal data, snoop onto chats and others apps and sometimes also steal stored financial details such as debit and credit card details, among others.
Similar to past instances, Joker malware has managed to spread through the Google Play Store yet again. Cybersecurity researchers have discovered that the malware has spread through 11 Android apps in total on Play store. This was first reported by ZDNet. Some of these apps include: Translate Free, PDF Converter Scanner, Free Affluent Message, delux Keyboard, among others.
What is Joker malware and how does it work?
Researchers have discovered that these apps have managed to get over 30,000 installs. Such apps are said to conduct financial fraud. Researchers from Zscaler’s ThreatLabz have also found that these apps often trick users promising features for productivity, communication, and other utilities. Report suggests that Google has removed all 11 of these apps from the Play Store.
Unlike previous versions, the latest and updated edition of Joker malware uses a novel method of infecting a mobile device. The malware downloads the malware “payload” using URL shorteners, which means it uses links like TinyURL, bit.ly, Rebrand.ly, zws.im, 27url.cn, among others.
While Play store has removed these apps from the platform, what is worrying is that the malware manages to get back despite Google’s protection. Researchers have found that the malware uses its internal Bouncer checks for apps submitted to the Play Store and also on-device scanning using Google Play Protect. Researchers said, “despite public awareness of this particular malware, it keeps finding its way into Google’s official application market by employing changes in its code, execution methods, or payload-retrieving techniques.”
Tips to keep in mind
To protect your phone from getting affected with such malware in future, ensure to not download random apps from Play store. Users must check the developer’s name and all other details in the about section on Play store before downloading any app on their phone. Before downloading an app, users must check user reviews and rating first. As a precautionary measure, users can also download a security tool like Malwarebytes or Sophos Mobile, which quickly scans and removes unwanted malware from device.
