One of the worst threats to Android users is unwanted resurgence, security experts warn. The nasty threat named Joker is supposed to sign up Android users behind their backs for premium and very expensive subscriptions. That’s the latest warning from the team at Zimperium, which is working with Google to prevent infected apps from being downloaded onto smartphones.
The security researchers say they saw a “big increase” in apps packed with the evil Joker malware. Most of the applications associated with this threat take the form of legitimate apps that provide users with fun photo filters, games, wallpapers, and text translating options.
Once installed, these apps, which can be found on the Google Play Store, introduce the cruel Joker malware. This provides the ability to install hidden spyware and premium dialers on devices which then unsuspecting users can sign up for expensive monthly subscriptions that they never wanted – or can afford. The victims found more than £ 240 per year for these fraudulent subscriptions.
“Joker Trojans are malicious Android applications that have been known since 2017 for notoriously committing billing fraud and subscribing users to premium services,” explains Zimperium. “The result of a successful mobile infection is a financial gain for the cybercriminal that often lies in front of the victim long after the money is lost, and there is little or no recourse.”
READ MORE: You Might Be Blocked by Spotify from Downloading Your Songs
Joker is nothing new, but appears to be taking revenge despite the best efforts of Google and the App Defense Alliance – a program that includes Zimperium.
Zimperium says it has seen over 1,000 new patterns from Joker since its last report on the problem in 2020. And the company warns that cyber thieves have routinely found new and unique ways to get this malware into both official and unofficial app stores.
That means that some of these malware-packed apps are likely to find their way onto the Google Play Store. The latter is usually considered a safe way for Android tablet and smartphone owners to browse and install new apps. Google has strong protections – unlike some other app repositories available online – but malware still manages to infiltrate the store.
“Although they never live long in these repositories, the persistence shows that just like traditional endpoint malware, mobile malware does not go away, but is further modified and developed in a constant cat-and-mouse game,” added Zimperium.
It is important that all Android users do some research before downloading apps on their device, as once Joker infects the phone it can amass huge bills without the owner ever even realizing it.
Just last month, researchers at Quick Heal Security Labs found 8 apps interspersed with Joker, with the company urging Android users to delete them immediately. They also gave some simple advice on how to stay away from other malware threats. This contains…
• Only download applications from trustworthy sources such as the Google Play Store • Learn how to identify counterfeit applications in the Google Play Store • Do not click on third-party links received through news or other social media platforms • Deactivate the installation from the “Unknown Source” option • Read the pop-up messages you get from the Android system before accepting / allowing new permissions
You have been warned!