Bad news for Android users is not stopping. This time, ethical hacking experts report the emergence of a new malware variant that has managed to infiltrate more than twenty android apps, all available on the Google Play Store.
This variant of malware, dubbed
“Joker”, was developed to enroll victims in various Premium subscription
services. The worst part is that infected users won’t even notice any hint of
anomalous activity until the charges for these subscriptions are reflected in
their bank statements.
Ethical hacking specialist Aleksejs Kuprins describes
how this malware works: “Joker works by automating the necessary
interaction with the provider of these subscription services, entering the
phone operator’s offer code and waiting for a SMS message with a confirmation
code, which will be extracted by hackers and sent to the website of the Premium
service, thus authorizing the subscription”.
This malware has shown significant activity in
Europe, especially in Denmark, where Joker has inadvertently managed to inscribe
thousands of victims in a service costing almost €7 a week.
Although Google was notified of this incident,
and the infected apps have already been removed from the Play
Store, they managed to accumulate nearly 480k total downloads. Below is
the list of the 24 applications that contain the Joker malware:
Security – Security Scan
For users who have downloaded any of these applications, ethical hacking specialists from the International Institute of Cyber Security (IICS) recommend removing them immediately. Reviewing activity on your bank accounts looking for any anomalous charges is also a recommended measure.