Joker: An old acquaintance returns. One that keeps coming back every so often. It is the Joker malware, which continues to infect applications that sneak into the Google Play Store despite security measures and barriers.
And it is that, after infecting more than 500 thousand Huawei mobile phones in 2020, Joker continues to return periodically. And despite the security of the Android Store, The Joker has once again managed to sneak into up to 13 applications, some of them with more than 100,000 downloads. Like the previous variants, you can also subscribe users to websites that offer payment services, which means that users risk a big surprise at the end of the month when their bank account or credit card statement get to the mailbox.
In fact, in the past some victims have been found paying more than 240 pounds (279 euros) a year for these fraudulent subscriptions. A Kaspersky Android malware researcher, Tatyana Shishkova, has warned of the malware resurgence in a series of posts on Twitter, listing more than a dozen apps that appear harmless at first glance but contain dangerous malware.
13 tainted apps
Google has already removed these applications from the Play Store, but if you have any of the applications listed below installed on any of your Android devices, you should remove it immediately:
Classic Emoji Keyboard
Battery Charging Animations Battery Wallpaper
Battery Charging Animations Bubble Effects
Easy PDF Scanner
Flashlight Flash Alert On Call
Now QRcode Scan
Smart TV remote
Volume Booster Louder Sound Equalizer
Volume Booster Hearing Aid
As you can see, some of these apps have similar names. Shiskova warned about Battery Charging Animations Battery Wallpaper on November 4, but although it was removed from the Play Store just a week later, the similarly named Battery Charging Animations Bubble Effects app appeared, also infected by the Joker.
The developers and application icons are not the same, but the fact that the format of the developer names used is so similar: Erica E. Guel and Charles M. Roseman suggests that the same people are behind . In fact, most of this list of applications uses the same naming format.