What exactly is Joker malware that affected applications on Google Play store?


By: Tech Desk | Brand new Delhi |

Updated: This summer 11, 2020 6:23:56 pm


Coronavirus, Coronavirus malware, Coronavirus hackers, Coronavirus fake news, Coronavirus scam (Image: Thinkstock, Getty)

Joker trojan offers found its way to Google Enjoy store once again. Last year, as well as recording in February the Joker spyware infected several apps which afterwards Google removed from the Play store. The malware has just as before made its way to the Enjoy store and affected some applications which could be installed on your telephone. Google has removed as many as 11 apps from the Play store.

The infected apps include:

com.imagecompress.android

com.loosen up.relaxation.androidsms

com.cheery.information.sendsms

com.peason.lovinglovemessage

com.contact.withme.texts

com.hmvoice.friendsms

com.file.recovefiles

com.LPlocker.lockapps

com.remindme.alram

com.training.memorygame

The Joker malware steals money from customers by subscribing them to paid subscribers without their consent. It initial simulates interaction with ads with no users’ knowledge and then steals the particular victim’s SMS messages including OTP to authenticate payments.

This means that the affected user may not know that they have been signed up for a compensated subscription service and that their cash has been deducted from their account except if they receive a message or notice stating their credit card statements, etc.

According to Check Point, “Joker keeps finding its way into Google’s official application market as a result of small changes to its code, which enables it to get past the Play store’s security and vetting barriers.” This time two new variants from the Joker Dropper and Premium Phone dialer spyware have been discovered in the Enjoy Store. These were found hiding within some “seemingly legitimate apps”.

The survey stated that this time the destructive actor behind Joker “adopted an old technique from the conventional PC threat landscape and used it in the mobile app world to avoid detection by Google.”

Ths time Joker malware used 2 components – “Notification Listener service that is part of the original application, and a dynamic dex file loaded from the C&C server to perform the registration of the user to the services.”

The survey further stated, “In an attempt to minimize Joker’s fingerprint, the actor behind it hid the dynamically loaded dex file from sight while still ensuring it is able to load – a technique which is well-known to developers of malware for Windows PCs. This new variant now hides the malicious dex file inside the application as Base64 encoded strings, ready to be decoded and loaded.”

If you might have any of the aforementioned apps on your mobile phone delete them immediately.

Check Point suggests that you must uninstall contaminated applications from your device and also look at your mobile and credit-card bills to check on if you have been signed up for any subscriptions plus unsubscribe. To prevent Joker malware through affecting in the future you must install a safety solution into your device.

📣 The Indian Express is now upon Telegram. Click here to join our channel (@indianexpress) and remain updated with the latest headlines

For all the latest Technology News, download Indian Express App.

© IE Online Media Providers Pvt Ltd



Source link

Recent Articles

Google is testing domain-only URLs in Chrome to assist foil scams and phishing

Google is experimenting with exhibiting domain names only in Chrome’s deal with bar as a substitute of full URLs. The function...

Microsoft floor duo telephone goes on sale in US beginning at $1,399

By: Bloomberg | Printed: August 12, 2020 11:14:57 pm The system has a 360-degree hinge and can be utilized in vertical or horizontal...

Do You Warmth Water, Milk And Tea In Microwave? Consultants Discovered A Higher Manner Of Doing It

Microwave heating is probably not uniform.While you warmth liquids like water, milk and tea in microwave, you will need to have seen a...

Odisha Board Class 12th Plus Two End result 2020 declared at www.chseodisha.nic.in, orissaresults.nic.in, bseodisha.ac.in

By: Education Desk | Chandigarh | Up to date: August 12, 2020 1:42:43 pm Odisha 12th science outcome 2020: Examine at orrisaresults.nic.in (Representational...

Reddit bans racist subreddit after co-founder Alexis Ohanian calls it out on Twitter

Reddit has banned one other group devoted to posting racist remarks on its platform — however solely after co-founder Alexis Ohanian...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox