This virus, which has been active since at least 2017, stands out with its ability to bypass Google Play’s security mechanisms and reach the official Android store under different application types.

According to Eset, a proactive cyber threat detection company, this malware is classified as spyware. It is characterized by intercepting SMS messages reaching the victim’s device and subscribing to premium services and showing unwanted advertisements.

Between April and June 2022, there were several apps on Google Play that were removed after the presence of this Trojan was reported. One of the latest apps is called PDF Reader Scanner.

The app was downloaded more than 5,000 times before it was removed from the store. And according to data from Eset, detections of the variant of this malware lurking in this app have been recorded in several countries, including Latin America.

Also, there are constant reports of apps deploying this Trojan on Google Play until 2022. Dozens of malicious apps have been reported on Twitter in recent months. Some save up to 10,000 downloads. One of the reasons Joker has managed to break through Google Play’s security barriers is because malicious actors are constantly looking for new techniques to be effective.

Each of the applications They wanted to add features like QR code readers, wallpaper apps, camera plugins, emojis to the phone. for apps that send messages, among other topics.

Many of the applications that perform the promised function are also downloaded, as well as malicious components that allow attackers to perform actions in the background without the victim noticing.
For example, accessing the contact list, capturing SMS messages and also subscribing to premium services. Second, it causes economic losses for the victim. However, it has other capabilities, such as adding an extra layer on top of legitimate apps to steal credit card information.

In 2020, Google reported that it removed more than 1,700 apps containing this malware from Google Play. In October 2021 and at the peak of The Squid Game seriesThere was an app that Joker distributed that offered wallpapers from the series and was downloaded more than 5,000 thousand times.

“While one of the main recommendations we usually make is to download apps from official stores like Google Play, One thing that characterizes the Joker is that it can escape the controls of the official Android store and even offer itself for download. Therefore, besides avoiding downloading apps from unknown repositories, it’s important to review reviews and see other users’ ratings of the app’s performance and number of downloads, read who is the developer. the app we want to download, etc.”, says Camilo Gutiérrez Amaya, Head of ESET Latin America Research Lab.

These are some of the apps that only distribute the Joker malware, which was reported in June 2022.Most of them have been removed from Google Play:

All QRCode Scanner

PDF Scanner Reader

Wow Translator

Rainy Day Wallpaper

・Neon Live Wallpaper

Abundant Emoji Messages

・Cute Photo Editor

All Wallpaper SMS

All Photo Translator

Smart CMM Launcher

· CamHipro

Great Messages

Sketch Photo Editor

Blood Sugar Diary

bubble message

Create Photo Stickers

Glowing Live Wallpaper

Toy Blast Star-Hawk

RGB Emoji Keyboard

Camera Translator Professional

Among the security recommendations, paying attention to the permissions requested by the applications when installing, because if you’re vigilant, you may find that some apps are asking for unnecessary permissions that could warn you of a suspicious intent. Finally, it is recommended to install a reliable security solution on your phone and keep it up to date.

Uber assures the investigation found nothing about Colombia

Plato, an AI system that can learn like babies

Source: Exame

Previous articleWhy pay more: Apple will launch an inexpensive VR/AR helmet
Next articleWikipedia: Against inaccuracies and false citations comes an AI developed by Meta

LEAVE A REPLY

Please enter your comment!
Please enter your name here