Remove These 24 Android Apps Infected With the New Joker Malware

Another time around, another batch of Android apps hit the Google Play Store and amassed hundreds of thousands of downloads with some hidden malware embedded in their code.

This time, the malware is called Joker. According to Alexei Kuprins at cybersecurity firm CSIS, this particular malware is designed to covertly subscribe users to subscription services, which they might not even notice unless they carefully check their monthly credit card statements.

He describes :

“For example, in Denmark, the Joker can silently subscribe to a service offering of DKK 50 per week (approximately ~ € 6.71). This strategy works by automating the required interaction with the premium offer web page, entering the operator’s offer code, then waiting for an SMS message with a confirmation code and retrieving it using regular expressions. Finally, Joker sends the extracted code to the offering web page to authorize the premium subscription. “

Although Google has since removed the malicious apps from the Google Play store, it has amassed over 472,000 downloads prior to their excommunication. If you have any of these apps installed on your own Android phone or tablet, or worse, you actively use them, it’s time to uninstall them as soon as possible. (We’ve provided links so you can make sure the app on your device is the one to get rid of; obviously, don’t download those apps on your Android.)

If you’ve used any of these apps, it’s worth checking your Google Play account for unexpected subscriptions , although we doubt you’ll find anything there. Instead, you’ll want to look at your credit card or bank statements back in June this year, when the Joker malware started launching its latest batch of automatic subscriptions. You can also inform your contacts that you are potentially infected as Joker steals your entire contact list and uploads it to the command and control server.


Leave a Reply