Cybersecurity scientists on Wednesday said that they discovered six apps on the Google Play store with more than two hundred thousand downloads in total that were infected with the infamous malware named Joker.
Convenient Scanner 2, Safety AppLock, Push Message-Texting & SMS, Emoji Wallpaper, Separate Doc Scanner, and Fingertip GameBox are the apps, as reported by the cybersecurity firm Pradeo.
"The infected applications have now been deleted from Google Play, but are still installed on the devices of their users," Pradeo said. Joker is a malicious bot (categorized as Fleeceware) whose main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users.
Apps Infected With Malware
By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect. In the last year, the malware was found hiding in hundreds of apps. "Users are advised to immediately delete them from their device to avoid fraudulent activities," the cybersecurity firm advised.
Google has removed over 1,700 apps containing Joker malware from the Play Store since 2017. In July this year, researchers at cybersecurity firm Check Point discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. Hiding in seemingly legitimate applications, this updated version of Joker was able to download additional malware to the device, which subscribes the user to premium services without their knowledge or consent.
Joker, one of the most prominent types of malware for Android, keeps finding its way into Google's official application market as a result of small changes to its code, which enables it to get past the Play store's security and vetting barriers.
(With agency inputs)