- Google removed 17 apps from the Play Store that were affected by the Joker virus;
- The Joker virus is used for large-scale billing fraud;
- Google has been actively trying to fight the Joker virus since 2017;
- The Joker malware has led to the elimination of 1,700+ apps since 2017.
Google has been trying to combat the Joker malware, a bot that helps conduct SMS billing fraud. Starting in March 2020, Google removed 11 apps from the Play Store for security breaches. In September 2020, Google found 6 more apps involved in WAP billing fraud. According to Zscaler, these 17 apps had been installed over 120,000 times before being pulled.
The Joker malware is a bot that has been labeled as fleeceware. It is known to simulate clicks and capture SMS messages to enroll victims in premium services. Google has stepped up its systems' defenses and is searching for the loopholes the malware exploited.
“This spyware is designed to steal SMS messages, contact lists, and device information, along with silently signing up the victim for premium Wireless Application Protocol (WAP) services,” Zscaler security researcher Viral Gandhi said this week.
The apps removed from the Google Play Store after the Joker malware was detected are:
- Mint Leaf Message – Your Private Message
- Tantagram App Lock
- Private SMS
- Direct Messenger
- One Sentence Translator – Multifunctional Translator
- Style Photo Collage
- Desire Translate
- All Good PDF Scanner
- Unique Keyboard – Fancy Fonts & Free Emoticons
- Meticulous Scanner
- Part Message
- Care Message
- Talent Photo Editor – Blur Focus
- Paper Doc Scanner
- Hummingbird PDF Converter – Photo to PDF
- All Good PDF Scanner
- Blue Scanner
The way these apps infect a device without being noticed by Google’s security systems is clever. They infiltrate the user’s device in stages, which makes the infection hard to trace. The malware author clones a genuine app and uploads it to the Play Store. The app is functional and gains access to the phone’s data, then waits until it can run its malicious activity.
Google states that the technique for fighting the malware is simple, but defending against it in practice is not easy. Because the malicious actions take place only after hours or days, Google's security scans fail to detect this fleeceware. Eventually, the malware is “dropped” on the device.
Earlier, in January 2020, Google published details about the Joker malware. It was portrayed as the most persistent and advanced threat to Google security. Google states that the Joker (aka Bread) malware has caused it to eliminate over 1,700 apps since 2017.
Defense against Joker is difficult, but with caution it can be done. Users have to be careful when granting permissions to apps in order to avoid a security breach.