Android malware is becoming increasingly prevalent as more and more users come online. However, there is an enormous threat present on the Internet that can cause a lot of trouble for users. This happens through smartphone malware, which can steal user data, compromise user privacy, snoop on other apps and encrypt data. The Joker malware is an infamous example of Android malware, which has also managed to spread undetected via the Google Play Store.
Cybersecurity researchers have found that a total of 11 apps were recently discovered that were infected with the Joker malware and were found on the Play Store, as spotted by ZDNet – the researchers said the apps can also 'conduct financial fraud'. They had managed to notch up 30,000 installs on the store. The researchers, from Zscaler's ThreatLabz found that the apps offered features for productivity, communication and other utilities like keyboards. Google has reportedly already removed these apps from the Play Store.
How they lured users: The Joker malware is notorious for aggressive 'billing' by signing up users for premium services using SMS. The app also attempts to hide its tracks by using the 'read notifications' permission to hide any sign-up messages. Unlike the previous versions of the malware, the new Joker variants are using a novel method of infecting the device. It downloads the malware "payload" using URL shorteners. That means it uses links like TinyURL, bit.ly, Rebrand.ly, zws.im, 27url.cn and others in order to mask the real server names it downloads the malicious payload from.
Joker Malware bypasses Google security: However, what is really worrying is that the malware repeatedly manages to get back onto the Play Store, despite Google's protection. The company uses its internal Bouncer checks for apps submitted to the Play Store, along with on-device scanning using Google Play Protect.
"Despite public awareness of this particular malware, it keeps finding its way into Google's official application market by employing changes in its code, execution methods, or payload-retrieving techniques," the researchers stated.
How users can protect themselves: In order to keep their data safe while using their Android smartphone and prevent unauthorised charges, users must make sure they only install well-known apps from the Google Play Store. Doing ones own research about an app can help keep unwanted apps at bay while checking the negative reviews on an app can also reveal what a user can expect if they download the app.
Users can also download a security tool like Malwarebytes or Sophos Mobile to quickly scan and remove unwanted malware from their device. – Hindustan Times, New Delhi/Tribune News Service