Delete this new Joker malware from your Android device before you’re billed for a premium service

Delete this new Joker malware from your Android device before you're billed for a premium service
An app containing malware has finally been removed from the Google Play Store but not before it had been installed more than 500,000 times. The app, named Color Messages, improves text messages by adding emoji to them. Pradeo Security (via ars Technica) wrote on Thursday that the app is infected with the Joker malware and appears to be connecting with Russian servers.

The Joker malware is ready to separate you from your hard-earned money

Based on Pradeo’s analysis, the Color Messages app accesses users’ contacts lists and also subscribes victims to unwanted premium paid services without their knowledge. That is a characteristic of Joker which is known as Fleeceware since it simulates clicks and intercepts SMS messages in order to sign users up for the aforementioned premium services. It also uses as little code as possible making Joker hard to detect.
Comment section from Color Messages
The report notes that in the last two years, Joker was discovered in hundreds of apps. As for Color Message, even though it has been removed and is no longer available from the Google Play Store, if you installed the app on your Android phone, it still could be signing you up for expensive services that you don’t need or want.. So your best course of action is to remove the app from your handset ASAP.
And since the icon disappears and hides after the app is installed, removing it from your phone is easier said than done. Victims don’t realize at first that they have been signed up for a premium service that they don’t need or want, they often have to take a financial hit without a realistic chance of getting their money back.

How do these apps get past Google Play Protect?

You might wonder how these apps make it past Google Play Protect which is supposed to run a safety check on apps from the Google Play Store before they are installed on users’ phones. These malicious apps are able to fool Google by delaying their true intentions. Once installed on an Android phone via an infected app, Joker subscribes you to premium WAP (wireless application protocol) services without your knowledge or consent, and steals your SMS messages, contact lists, and information about your device.
But at first, everything about the app appears copacetic allowing it to sneak past the bouncer like a, well, like the Trojan Horse from Greek mythology.

New reasons to get excited every week

Get the most important news, reviews and deals in mobile tech delivered straight to your inbox

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.