In a fearful event, the Joker Malware has returned to the Google Play Store as over 50 apps are found to be infected by the dreadful threat. It’s one of the most critical security issues for Android users. Read on to know everything about it.
Reports about Joker Malware re-spreading to Android devices started emerging earlier this month. Now, Zscaler Threatlabz has confirmed several Android apps are infected by it. Google is continuously banning and removing them from the Play Store.
This particular malware is able to take advantage of the official Google app store using its trail signatures and steals users’ personal information. You must take the necessary steps to prevent its infection and keep your Android smartphone or tablet completely safe.
What is Joker Malware?
Joker Malware, also known as SysJoker, is basically a Sleeceware. It was first seen in 2017 when it appeared undetected and affected a number of Android users. This threat explores Android devices by messing with the official Google Play Store.
It updates the virus code, execution process, and payload-retrieval techniques to steal personal information such as contact details, device data, SMS messages, and more.
Again bunch of Joker Malware affected apps found on PlayStore. Here is a thread to explain you the story so far. 🧵 pic.twitter.com/sOBRlTqCsb
— Priyanshu Ratnakar (@priynshuratnakr) July 28, 2022
Before this month, this malware was seen in June as well as October 2021 as per Android Headlines. In 2020, around 17,00 reports were delisted from the Play Store as they were affected by this malware.
How does the Joker Malware Work?
The Joker Malware has been the first choice for hackers and scammers as it’s capable of dealing financial blows to the victims. It initially started as an SMS fraud but has now evolved into a dynamic toolkit for hackers.
“Joker is categorized as Fleeceware,” says cyber security firm Pradeo, “as its main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect. In the last two years, the malware was found hiding in hundreds of apps.”
This threat provides codes to the ad web page and when the victim signs up, it sends related information to a Command & Control (C2) server which is managed by cybercriminals.
What could be the complications of Joker Malware Infection?
Although Joker Malware initially worked on SMS frauds, it has now evolved into a more terrifying tool to steam someone’s personal information without them knowing anything about it. It is capable of performing the following actions:
- Crack one-time passwords and steal security codes
- Send and read SMS messages without you knowing
- Intercept and read notifications from any app
- Take screenshots silently without you noticing
- Make calls whenever required
- Access contacts without your permission
- Record device information for future attacks
Therefore, it’s essential that you keep your Android device safe from this fearful malware. If your personal mobile is affected, you may have a serious loss of data or money.
List of Apps Infected by Joker Malware
Google Play Store has banned and deleted a number of apps infected by the latest variant of Joker Malware (dubbed Autolycos). Here is the list of such apps:
- Universal PDF Scanner
- Private Message
- Premium SMS
- Smart Messages
- Text Emoji SMS
- Blood Pressure Checker
- Funny Keyboard
- Memory Silent Camera
- Custom-Themed Keyboard
- Light Messages
- Themes Photo Keyboard
- Send SMS
- Themes Chat Messenger
- Instant Messenger
- Cool Keyboard
- Font Emoji Keyboard
- Mini PDF Scanner
- Smart SMS Messages
- Creative Emoji Keyboard
- Fancy SMS
- Fonts Emoji Keyboard
- Personal Message
- Funny Emoji Message
- Magic Photo Editor
- Professional Messages
- All Photo Translators
- Chat SMS
- Smile Emoji
- Wow Translator
- All Language Translator
- Cool Messages
- Blood Pressure Diary
- Chat Text SMS
- Hi Text SMS
- Emoji Theme Keyboard
- Text SMS
- Camera Translator
- Come Messages
- Painting Photo Editor
- Rich Theme Message
- Quick Talk Message
- Advanced SMS
- Professional Messenger
- Classic Game Messenger
- Style Message
- Private Game Messages
- Timestamp Camera
- Social Message
- Simple Note Scanner
You are advised to uninstall and clean the cache if you’ve been using any of these apps.
How to Know if your Android Device is Infected by Joker Malware?
The most troublesome aspect of the Joker Malware is that it works with little to no symptoms. Most of the time you won’t notice anything and it’ll secretly continue stealing your personal information. You’ll only realize when the damage is done.
However, sometimes you can notice subtle synonyms like slowed device, modified system settings without your input, unknown and weird apps on the device, and faster drainage of battery. Sometimes the malware may also redirect you to shady websites.
You need to notice such symptoms and figure out if you have installed any of the apps recently that have been confirmed to be affected. After that, you’ll have to format your device and erase all the data immediately to clean it.
How to Keep your Android Device Safe from Joker Malware?
Protection is always better than cure. You need to take care of your Android device in order to protect it from Joker Malware. The experts at Pradeo have shared a number of tips for that.
They suggest not installing apps that only have a single app their name, using very generic or short privacy policies (often hosted on Google Docs), or lacking a legit company website. Users are basically advised to stay away from any apps on the Play Store that seem fishy.
Along with that, users are strongly recommended to not download any APK files as apps installed from third-party resources are likely to be affected by this threat. Another thing you could do is always read carefully before granting any sort of permission to any app.
If an app asks permission that isn’t related to its functions, it’s more likely to exploit your device. Stay away from it. If you’ll careful follow these, you can protect your Android device from Autolycos or Joker Malware.