Seven apps found spreading Joker malware on Google Play Store
Cybersecurity firm Kaspersky Labs has discovered seven applications spreading the infamous Joker malware through the Google Play Store. Since this discovery, Google has removed the apps from the Play Store, but they remain installed on devices around the world. The malware is particularly dangerous because it acts as a Trojan and exposes victims to the possibility of financial data theft. Here are more details.
Why does this story matter?
Joker malware has earned infamy in the Android community for being resilient and able to bypass several countermeasures to detect it and prevent attacks. It has been caught several times in the wild since 2017. Unbeknownst to the user, the malware subscribes to mobile services, steals bank account information, and can even collect data to commit identity fraud.
Infected apps had over 70,000 downloads in total
Kaspersky Labs' Android Malware Analyst, Tatyana Shishkova, found the following apps infected with Joker malware: Now QRcode Scan (10,000+ downloads), EmojiOne Keyboard (50,000+ downloads), Battery Charging Animations Battery Wallpaper (1,000+ downloads), Dazzling Keyboard (10+ downloads), Volume Booster Louder Sound Equalizer (100+ downloads), Super Hero-Effect (5,000+ downloads), and Classic Emoji Keyboard (5,000+ downloads). If you have any of these apps installed, please uninstall them immediately.
Shishkova's tweet shows one malware-laden app on Google Play Store
Google removed the apps from Play Store after users complained
Google reportedly booted these apps from the Play Store only after several users fell prey to the Joker malware. To stay safe from the Joker or any other Android malware, make sure you install applications from reputable sources only. If you must use a third-party source, make sure to check the app reviews so you're aware of any bad experiences other users have had.
Only grant apps the permissions they would reasonably use
To stay safe online, be careful to grant applications just the permissions they need to perform their intended function. For example, a clock app seeking microphone access is a big red flag. Additionally, make sure you upgrade to the latest version of Android's security patch. Sharing passwords across multiple websites is also a bad idea that could compromise your information's safety.