Updated Joker Malware Floods into Android Apps
#1
Information 
Quote:The Joker mobile trojan is back on Google Play, with an uptick in malicious Android applications that hide the billing-fraud malware, researchers said. It’s also using new approaches to skirt past Google’s app-vetting process.
 
Joker has been around since 2017, disguising itself within common, legitimate apps like camera apps, games, messengers, photo editors, translators and wallpapers. Once installed, Joker apps silently simulate clicks and intercept SMS messages to subscribe victims to unwanted, paid premium services controlled by the attackers – a type of billing fraud that researchers categorize as “fleeceware.” The apps also steal SMS messages, contact lists and device information. Often, the victim is none the wiser until the mobile bill arrives.
 
Malicious Joker apps are commonly found outside of the official Google Play store, but they’ve continued to skirt Google Play’s protections since 2019 too. That’s mostly because the malware’s authors keep making small changes to their attack methodology. As a result, there have been periodic waves of Joker infestations inside the official store, including two massive onslaughts last year. According to researchers at Zimperium, more than 1,800 Android applications infected with Joker have been removed from the Google Play store in the last four years.
 
In the latest wave, at least 1,000 new samples have been detected just since September, many of them finding their way into the official marketplace, researchers said.
 
“Malicious actors have routinely found new and unique ways to get this malware into both official and unofficial app stores,” according to a Zimperium analysis, posted Tuesday. “While they are never long for life in these repositories, the persistence highlights how mobile malware, just like traditional endpoint malware, does not disappear but continues to be modified and advanced in a constant cat-and-mouse game.”

Read more: Updated Joker Malware Floods into Android Apps | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
ON1 Software
ON1 Photo RAW 2025.1...jasonX — 06:29
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator
zevish's profile zevish

>