Dubbed the “joker-virus”, the Joker malware, which acts by secretly subscribing the victim’s cell phone to subscription services, has been identified again in apps available on the Google Play Store. The alert was given last Wednesday (2) by security company Pradeo, responsible for the discovery.
According to the company, the return of the virtual plague, which had already been found in hundreds of apps in 2019, shows that Google has struggled to prevent malicious activities on its platform. This time, it is present in six apps in the official Android store, which together add up to more than 200 thousand installations.
Classified as a fleeceware, the Joker is characterized by simulating clicks and intercepting SMS, in order to subscribe to premium services without the user’s consent. That way, the victim may end up having cell phone credits consumed in an exaggerated way or notice unrecognized charges on his account, depending on the type of plan he has.
Using as little code as possible, the malware can hide itself completely, making it difficult to detect, which also allows it to go unnoticed by security checks, deceiving those responsible for the Play Store.
What are the infected apps?
According to Pradeo, the six apps infected by the Joker malware are:
Safety AppLock (version 6.5)
Its function was to protect user data by creating a kind of secure folder for files.
Convenient Scanner 2 (version 14.0.4)
App to scan photos and documents, with more than 100 thousand downloads.
Push Message-Texting & SMS (version 4.13)
It allowed configuring the sending of push notifications and by text message.
Emoji Wallpaper (version 14.3)
Added emoji wallpapers to the cell phone.
Separate Doc Scanner (version 2.0.74)
Another option for scanning documents.
Fingertip Gamebox (version 3.0.7)
This brought new versions of classic games.
How to protect yourself?
The apps that featured the Joker malware have already been removed from the Play Store, making new downloads impossible. But whoever downloaded one of them before the discovery, can still suffer the consequences of its action.
In this case, the main recommendation is to immediately uninstall it from your device.