The Joker Malware has returned to the Google Play Store. The new Joker virus strain targeting Android apps has been reported to Pradeo, a mobile security firm.
On the Google Play Store, the malware has infected 15 popular apps. Last year, this malware infected legitimate apps on the Google Play market, posing a significant mobile security risk.
Despite Google’s involvement, the malware has been successfully resurrected with minor code changes. This malware was initially found in 2017, and Google is still grappling with how to deal with it.
More than 500,000 people have downloaded the Color Message Android app
Tatyana Shishkova, a security expert at Kaspersky, discovered the Joker malware in at least 14 Android apps.
The infamous malware has been discovered on the popular Color Message app. More than five lakh individuals have downloaded the app from the Google Play Store. With the new emoticons, the Color Message app makes SMS texting more enjoyable.
However, a team of Pradeo experts discovered that the software is infected with the Joker Malware. According to the investigation, the software appears to be connected to Russian servers.
Apps infected by Joker Malware:
- Color Message
- Safety AppLock
- Convenient Scanner 2
- Push Message-Texting&SMS
- Emoji Wallpaper
- Separate Doc Scanner
- Fingertip GameBox
The Pradeo security expert team stated in a blog post,
“Our analysis of the Color Message application through the Pradeo Security engine shows that it accesses users’ contact list and exfiltrates it over the network. Simultaneously, the application automatically subscribes to unwanted paid services unbeknownst to users. To make it difficult to be removed, the application has the capability to hide its icon once installed.”
The Color Message app has been withdrawn from the Google Play Store. Users who have already downloaded the software must delete it immediately from their device.
The Joker malware belongs to the “Fleeceware” category, which steals your money without your awareness. Without the victims’ knowledge, this malware performs clicks and intercepts SMS messages to subscribe them to unwanted premium services.
It will subscribe to paid internet services without the user’s authorization and will also click on web advertisements. The most hazardous aspect of this malware is that it extracts OTPs from SMS messages in order to approve payments. You won’t know the payment is complete until you look at your bank statements.
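The traits named in the Pradeo quote and the paragraphs above (contact access combined with network access, SMS reading, a hidden icon) can be checked together across a fleet's app inventory. The following is an added example, not Pradeo's engine or code from the original article; the inventory fields, app names and weights are assumptions made for illustration.

```python
# Added example: triage app records for the traits the article attributes to Joker.
# Permission strings are real Android names; fields, apps and weights are assumed.
READ_CONTACTS = "android.permission.READ_CONTACTS"
INTERNET = "android.permission.INTERNET"
SMS_READ = {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"}
WEIGHTS = {"contacts+network": 1, "sms-read": 1,
           "sms-read-unexpected": 2, "hidden-icon": 2}

def signals(app):
    """Return the article-described traits that this app record exhibits."""
    perms = set(app["permissions"])
    found = []
    # Contact exfiltration needs both the data source and a network path.
    if READ_CONTACTS in perms and INTERNET in perms:
        found.append("contacts+network")
    # Reading incoming SMS is what exposes OTPs. A messaging app has a reason
    # to ask for it; in any other category it is harder to justify.
    if perms & SMS_READ:
        found.append("sms-read" if app["category"] == "messaging"
                     else "sms-read-unexpected")
    # An installed package with no visible launcher entry matches "hides its icon".
    if not app["launcher_icon_visible"]:
        found.append("hidden-icon")
    return found

def triage(inventory, threshold=2):
    """Return (name, score, traits) for apps at or above threshold, worst first."""
    rows = []
    for app in inventory:
        found = signals(app)
        score = sum(WEIGHTS[s] for s in found)
        if score >= threshold:
            rows.append((app["name"], score, found))
    return sorted(rows, key=lambda r: (-r[1], r[0]))

# Constructed inventory (hypothetical apps, not taken from the article).
INVENTORY = [
    {"name": "example.sms.themes", "category": "messaging", "launcher_icon_visible": False,
     "permissions": [READ_CONTACTS, INTERNET, "android.permission.RECEIVE_SMS"]},
    {"name": "example.doc.scanner", "category": "productivity", "launcher_icon_visible": True,
     "permissions": ["android.permission.CAMERA", INTERNET, "android.permission.READ_SMS"]},
    {"name": "example.wallpapers", "category": "personalization", "launcher_icon_visible": True,
     "permissions": [INTERNET]},
    {"name": "example.dialer", "category": "communication", "launcher_icon_visible": True,
     "permissions": [READ_CONTACTS, INTERNET]},
]

if __name__ == "__main__":
    for name, score, found in triage(INVENTORY):
        print(f"{score} {name}: {', '.join(found)}")
```

A flagged record is a prompt for manual review, not a verdict: the infected Color Message app was itself a messaging app, so SMS permissions alone would not have singled it out.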