Updated: This summer 11, 2020 6:23:56 pm
Joker trojan offers found its way to Google Enjoy store once again. Last year, as well as recording in February the Joker spyware infected several apps which afterwards Google removed from the Play store. The malware has just as before made its way to the Enjoy store and affected some applications which could be installed on your telephone. Google has removed as many as 11 apps from the Play store.
The infected apps include:
The Joker malware steals money from customers by subscribing them to paid subscribers without their consent. It initial simulates interaction with ads with no users’ knowledge and then steals the particular victim’s SMS messages including OTP to authenticate payments.
This means that the affected user may not know that they have been signed up for a compensated subscription service and that their cash has been deducted from their account except if they receive a message or notice stating their credit card statements, etc.
According to Check Point, “Joker keeps finding its way into Google’s official application market as a result of small changes to its code, which enables it to get past the Play store’s security and vetting barriers.” This time two new variants from the Joker Dropper and Premium Phone dialer spyware have been discovered in the Enjoy Store. These were found hiding within some “seemingly legitimate apps”.
The survey stated that this time the destructive actor behind Joker “adopted an old technique from the conventional PC threat landscape and used it in the mobile app world to avoid detection by Google.”
Ths time Joker malware used 2 components – “Notification Listener service that is part of the original application, and a dynamic dex file loaded from the C&C server to perform the registration of the user to the services.”
The survey further stated, “In an attempt to minimize Joker’s fingerprint, the actor behind it hid the dynamically loaded dex file from sight while still ensuring it is able to load – a technique which is well-known to developers of malware for Windows PCs. This new variant now hides the malicious dex file inside the application as Base64 encoded strings, ready to be decoded and loaded.”
If you might have any of the aforementioned apps on your mobile phone delete them immediately.
Check Point suggests that you must uninstall contaminated applications from your device and also look at your mobile and credit-card bills to check on if you have been signed up for any subscriptions plus unsubscribe. To prevent Joker malware through affecting in the future you must install a safety solution into your device.
📣 The Indian Express is now upon Telegram. Click here to join our channel (@indianexpress) and remain updated with the latest headlines
© IE Online Media Providers Pvt Ltd