Technology
This new Android malware may be the most twisted yet
This new Android malware may be the most twisted yet.
An interesting new type of malware has been uncovered, coded within two dozen Android apps that have accumulated hundreds of thousands of downloads in the Google Play store.
Android users who downloaded any of the apps embedded with this malware, dubbed “the Joker,” will need to check their credit card bills. Joker’s purpose, once deployed, is to sign up its victims to subscription services without their knowledge or consent. This new malware was first detected by CSIS Security Group malware analyst Aleksejs Kuprins, who has been monitoring the malicious code and penned a on Joker.
According to Kuprins, the malware “delivers a second stage component, which silently simulates the interaction with advertisement websites, steals the victim’s SMS messages, the contact list and device info.” Basically, any user that was infected by Joker possibly had their phone’s texts and contact list stolen, too.
But the simulated interactions are where Joker gets a bit more twisted.
“The automated interaction with the advertisement websites includes simulation of clicks and entering of the authorization codes for premium service subscriptions,” writes Kuprins. “For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”
According to , the list of apps harboring the Joker malware include Advocate Wallpaper, Age Face, Altar Message, Antivirus Security – Security Scan, Beach Camera, Board picture editing, Certain Wallpaper, Climate SMS, Collate Face Scanner, Cute Camera, Dazzle Wallpaper, Declare Message, Display Camera, Great VPN, Humour Camera, Ignite Clean, Leaf Face Scanner, Mini Camera, Print Plant scan, Rapid Face Scanner, Reward Clean, Ruddy SMS, Soby Camera, and Spark Wallpaper.
Kuprins says that in total, the 24 apps racked up more than 472,000 downloads in the Google Play store. The apps have since been removed. If a user has any of those apps on their phone, they should be deleted.
According to the report, the current iteration of Joker malware campaign appears to go back as far as June of this year. Kuprins notes that Google removed the apps before his security firm reached out to the company, so it appears that the tech giant has been monitoring the situation as well.
has been a plaguing Android . Facebook has even gone so far as to last month against one developer, whose malware-ridden Android app engaged in click fraud on the social media company’s ad network.
While other recent Android-targeted malware campaigns have had reach, such as which has infected 25 million devices, Joker’s automated subscription attack certainly makes it among the more interesting.
-
Entertainment7 days ago
‘Only Murders in the Building’ Season 4 ending explained: Who killed Sazz and why?
-
Entertainment6 days ago
When will we have 2024 election results online?
-
Entertainment5 days ago
Halloween 2024: Weekend debates, obscure memes, and a legacy of racism
-
Entertainment6 days ago
Social media drives toxic fandom. Is there a solution?
-
Entertainment5 days ago
Is ‘The Substance’ streaming? How to watch at home
-
Entertainment5 days ago
M4 MacBook Pro vs. M3 MacBook Pro: What are the differences?
-
Entertainment3 days ago
Menendez brothers case reignites online: The questions that keep resurfacing
-
Entertainment4 days ago
‘A Real Pain’ review: Jesse Eisenberg and Kieran Culkin charm as odd-couple cousins