Check Point’s researchers have discovered a new variant of Joker Malware in Google’s Play Store. Google had already removed 24 apps last year which were infiltrated with Joker Malware, before its removal it had already been installed over 4,72,000 times by android users. Earlier this year, Google has also removed 1,700 apps from Play Store that were reportedly infected with malware similar to the Joker malware. However, these apps were taken down before anyone could download them.
The hackers have particularly targeted users in 37 countries including India, China, Australia, Austria, Belgium, Brazil, Cyprus, Egypt, France, Germany, Norway, Poland, Portugal, Qatar, Republic of Argentina, Ghana, Greece, Honduras, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom, and the United States.
This time Google has removed 11 apps from Play Store that were infected with the notorious Joker malware.
Apps removed from Google Play Store:
- com.hmvoice.friendsms ( removed twice )
This updated version of Joker malware can download additional malware into your device, which in turn performs many illegal actions such as subscribe to premium services, read all the SMS’s, simulation of ad clicks, and steal device info, all without owner’s information.
The Joker Malware was able to get past Play Store’s security and vetting barriers by making small changes to its code. According to a security researcher at Check Point “malicious actor behind Joker adopted an old technique from the conventional PC threat landscape and used it in the mobile app world to avoid detection by Google.”
It is advised that users check their devices for listed package names and uninstall them if they find it. Additionally, they should also get a security solution for the devices and check for subscription in their credit card and mobile bills.