The Joker malware is active again with another notorious scheme. The Joker malware is famous for hacking into several google apps for android.
The Zscaler’s ThreatLabZ team has detected a new variant of the Joker malware which were distributed using 11 different apps that were present in the Google Play Store, namely, Free Affluent Message, PDF Photo Scanner, Delux Keyboard, Comply QR Scanner, PDF Converter Scanners, Font Style Keyboard, Translate Free, Saying Message, Private Message, Read Scanner, and Print Scanners. The security team of google android took prompt action to take down all the infected apps from the play store.
Some interesting facts came to light upon investigation. It was discovered that the authors of the malware used the system of name dictionaries for the name of publishers of their malicious app. Also, for bypassing the security measures of Google Play Store, they used shortener services for URLs.
The authors of the malware have been seen to repeatedly target some specific categories of apps in different campaigns, with categories mostly being tools, health and fitness, photography, communication and personalization. The Joker malware were accused by the Quick Heal security labs of having around eight malware-laden apps that have the capability of stealing SMS, contact list, and other such sensitive information.
Just by being present in the Google Play Store does not mean that the app is legitimate. The Joker malware is constantly coming up with updated techniques to bypass the security system of google. Also, such apps can be present in third party app stores. So, users must exercise caution while accessing any app store and be sure before downloading any application.