Geek Dashboard Home
HomeNews

Google Has Removed 11 Apps from Play Store Infected with Joker Malware

3 min read Leave a Comment

Google has banned 11 apps from its Play Store for injecting malware into users’ phones. A new variant of popular malware Joker had been discovered by researchers at Checkpoint which is a cybersecurity firm. The malware subscribing to premium services on the behalf of users, without their knowledge.

Checkpoint researchers discovered a new variant of Joker Dropper and Premium Dialer spyware in the Google Play Store. Researchers found that the updated version of Joker was able to download additional malware to the device.

Google Play Store
Image Credit: Indianexpress

Joker Malware!

According to the research, these apps were subscribing to premium services on behalf of users, without their knowledge. This means you could lose your money on a subscription without actually subscribing to any service. To pass Google Play’s protection, hackers used an old way of getting inside of an app.

Here is the list of apps (package names) infected with the jocker virus:

  1. com.imagecompress.android
  2. com.contact.withme.texts
  3. com.hmvoice.friendsms
  4. com.relax.relaxation.androidsms
  5. com.cheery.message.sendsms (two different instances)
  6. com.peason.lovinglovemessage
  7. com.file.recovefiles
  8. com.LPlocker.lockapps
  9. com.remindme.alram
  10. com.training.memorygame

Also Read: Fix DF-DFERH-01: Error retrieving information from the server in Google Play

How Joker Malware Works?

Joker malware mainly utilized two components of a device, the Notification service that is part of the original application and a dynamic dex file. The dynamic dex file loaded from the C&C server to perform the registration of the user to any service.

how to remove shortcut virus

To minimize the malware code, the developers hid the code by dynamically loading it onto a dex file, while ensuring that it is able to completely load when triggered. The code is inside of the dex file and is encoded as Base64 encoded strings. It darts decoding and load as soon as users open an infected app.

Also Read: How to Generate and Extract APK Files from Android App Bundle (AAB)

If You Were Using an Infected App, Then What You Need to Do?

If you were using one of these apps, infested by the Joker malware then you should remove the app from your phone as soon as you can. Further, check your mobile and credit card bills for any irregularities. If you find anything suspicious transactions, talk to your bank to raise the chargeback. Moreover, always use apps from trusted developers and always download the app from Google Play Store.

To let you know, Joker is one of the most frequently encountered malware for Android. It has made its way to apps on Google Play Store in the past. Google in January, removed over 1,700 apps that contained the malware Bread, also known as Joker. Indian Government also banned 59 Chinese apps in India over data privacy and security.

Be the Change!

Spread the word and help us create better tech content

Facebook Twitter Reddit WhatsApp Pinterest
Avatar for Rahul Rawat

Rahul Rawat

Facebook

Rahul loves writing about technology and gadgets. He likes playing games in his free time and he wishes to convert his 6.85 Billion 8ball pool coins into real money.

Read all 220 articles from Rahul

Leave a Reply

The comments section is to assist our readers with any inquiries. Each comment undergoes rigorous moderation before it can be approved for publication.Your name and comment will be publicly visible. Your email address will not be published.Required fields are marked