Joker
There is a new Android malware that has been plaguing Android users worldwide. Its name is Joker, and so far, it is likely that this threat has infiltrated over 450,000 Android devices. The Joker malware is being propagated on the official Google Play Store under the disguise of 24 different bogus applications. However, this is not the first instance of threatening applications being hosted on the Google Play Store as they have been struggling with this issue for years.
Table of Contents
European and East Asian Regions Most Affected
Once the developers at the Google Play Store caught a whiff of the Joker malware, they made sure to remove the applications, which were linked to this threat. However, having in mind the large number of devices, which were already infected with the Joker malware, this threat may still present on hundreds of thousands of Android devices all around the globe. It appears that most of the compromised devices are located in the UK, Germany, France, China and Singapore.
Capabilities
The Joker malware does not sport a particularly impressive list of capabilities but can do more than enough to damage users. It is able to sign them up for paid services as well as bombard them with unwanted advertisements. The Joker malware is capable of accessing the text messages of the victim, which enables it to subscribe them to a variety of unwanted services by using the confirmation code sent via SMS. Danish Android users have reported having been signed up for a subscription, which cost them 7€ weekly. The Joker malware also is known for sending text messages via the infected host to various numbers, which cost more than the standard text message.
Stealth
The authors of the Joker malware have made sure that their creation operates on the down low and stays under the radar of the victim and any potential anti-malware applications, which may be present on the infected device. This is achieved by code obfuscation methods. The Joker malware checks the C&C (Command & Control) servers of the attackers awaiting additional requests constantly. Thus it needs an Internet connection to function properly.
The developers at the Google Play Store need to up their game when it comes to the protection of their users. Android users also need to be cautious when downloading new applications, as not all applications hosted on the official Google Play Store are safe. It is a good idea to look into obtaining a reputable Android anti-virus application, which may provide additional safety for your device.
