A new malware has been detected on the Google Play Store named as “The Joker”. This joker malware has been coded to steal SMS messages, Contact lists, sign users up for subscription services, and even can steal users monthly credit cards information.
Here is the list of those 24 infected Android apps:
Advocate Wallpaper
Age Face
Altar Message
Antivirus Security – Security Scan
Beach Camera
Board picture editing
Certain Wallpaper
Climate SMS
Collate Face Scanner
Cute Camera
Dazzle Wallpaper
Declare Message
Display Camera
Great VPN
Humour Camera
Ignite Clean
Leaf Face Scanner
Mini Camera
Print Plant scan
Rapid Face Scanner
Reward Clean
Ruddy SMS
Soby Camera
Spark Wallpaper
Cybersecurity researcher Aleksejs Kuprins explained the issue in detail in a Medium post. He writes:
“Over the past couple of weeks, we have been observing a new Trojan on GooglePlay. So far, we have detected it in 24 apps with over 472,000+ installs in total. The malware — going by the name “the Joker” (which was borrowed from one of the C&C domain names) — delivers a second-stage component, which silently simulates the interaction with advertisement websites, steals the victim’s SMS messages, the contact list and device info.”
“For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”
There are 37 countries in the target list of this spyware includes: Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, India, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and United States.
However, Google has removed those 24 apps from the Google Play Store. But they managed to rack up more than 472,000 total downloads before their excommunication.
If you have any of these apps installed on your own Android phone or tablet—or, worse, you actively use them—it’s time to delete them ASAP. Check all your banks and credit card statements, contact list and other financial info right away.