Four more apps that infected thousands of Android devices with malware, removed from the Google Play Store

a-worried-woman-looking-at-her-smartphone-getty.jpg

Image: Getty

Four more Android applications that have been downloaded more than 100,000 times have been removed from the Google Play app store after security researchers said they were used to deliver malware to smartphones.

The apps that delivered Joker malwarehave been identified by Pradeo . cybersecurity researchers, which she reported to Google. The applications have since been removed from the Play Store.

Users who have downloaded the apps have been warned to uninstall them immediately to avoid falling victim to fraud.

TO SEE: A winning cybersecurity strategy (ZDNet special report)

Three of the apps were published in the past month, while one was first published in November 2020 – although the researchers were unable to identify when it was modified to deliver malware.

Joker malware is designed to be discreet and difficult for app stores to detect, with developers frequently changing their methods to avoid being discovered.

This allowed Joker to be successful – it has been found in thousands of mobile applications and downloaded by millions of victims during the last three years

The main purpose of Joker is to monetize victims who accidentally downloaded the malware and does so by committing fraud by making in-app purchases and sending text messages to paid numbers.

Two of the apps were able to bypass multi-factor authentication to ensure that in-app purchases can be made. This is done by intercepting one-time passwords by intercepting notifications, reading text messages and taking screenshots.

It is likely that users will not notice that they have been a victim of fraud until they receive their mobile phone bill, which can be weeks after infection.

TO SEE: These are tomorrow’s cybersecurity threats you need to think about today

While ad fraud and in-app purchases are the primary means of making money for Joker, it also offers the opportunity to install other apps on users’ devices, which could potentially be used to deliver even more dangerous malware that could be sensitive. information or spying on smartphones.

Malicious apps are designed to look legitimate, but Pradeo suggests that there are some tell-tale signs that can warn users that what they may be downloading could be malware. These include how the developer considers each app, the privacy policy is short and vague, and the apps never relate to a specific company name or website.

ZDNet attempted to contact Google for comment, but had not received a response at the time of publishing.

MORE ABOUT CYBER SECURITY

Leave a Comment

Your email address will not be published.