Joker malware, the notorious trojan is yet again spotted on Google Play Store. The malware made headlines last year after it infected a host of devices globally. While the search engine giant removed 11 such infected apps back then, the Joker trojan has once again appeared in eight other apps this time. Also Read - Joker malware back on Google Play store, delete these apps from your phone immediately
For those unaware, a trojan or a trojan horse is a kind of malware that often camouflage as legitimate software and steals sensitive information from users including bank details. Trojans can be employed by cyber-criminals or hackers to tricks users and generate revenue by stealing money from them. Here’s how Joker trojan malware affects apps and how one can avoid installing the malware on their device. Also Read - Dark Web Alert! Domino's India data of 180 million orders leaked online
How does Joker malware affect apps?
As explained by The Week and PCrisk website, Joker malware is ‘capable of interacting’ with several ad networks and web pages by simulating clicks and signing up users to fishy ‘premium services.’ The malware activates only when a user interacts with it via an infected app. The virus then goes past the device security and renders relevant information required by the hackers to steal money. This is done by downloading a secured configuration from a command-and-control (C&C) server in the form of an app that is already infected by the trojan. The hidden software then installs a follow-up component that steals SMS details and even contact information and providing codes to the ad websites. The Week notes that authentication like OTPs are obtained by stealing SMS data. As per research reports, Joker “keeps finding its way into Google’s official application market as a result of small changes to its code.” Also Read - Air India server hacked, personal data of 45 lakh passengers leaked in massive cyber attack
8 apps that were ‘laced’ with Joker trojan
The eight apps that were found with the Joker malware include Auxiliary Message, Fast Magic SMS, Free CamScanner, Super Message, Element Scanner, Go Messages, Travel Wallpapers, and Super SMS. Quick Heal report notes that these applications would ask for notification access at launch and would then take SMS data from those notifications.
How to avoid installing malware?
Following the debacle last year, Counterpoint suggested that users should check if their mobile numbers have been signed up and credit card details provided for any subscriptions and unsubscribe any suspected apps which don’t look authentic. Google no doubt detects and removes malicious apps from Play Store, hackers still manage to get through the app store by merely tweaking codes. To save your device from getting infected with such malware it is advised not to open irrelevant SMS or emails that are sent from unknown, suspicious addresses and contain malicious web links. Moreover, you can download and install a security solution into your device to protect your data.