A number of apps have recently made their way into the Google Play Store with a little something extra: malware.
The malware, which has been dubbed “Joker,” is designed to sneakily sign users up for subscription services, ones that they might be charged for over the course of several months before they even realize that they’re subscribed.
Cybersecurity researcher Aleksejs Kuprins explained the issue in detail in a Medium post.
The malware appears to be targeting specific countries, including Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, India, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and the United States.
The majority of the apps in question targeted specifically European and Asian countries and required a user to be using a SIM card from those regions in order for the malware to execute. In total 24 different apps were infected with the malware. Those apps were installed roughly 472,000 times. Metadata suggests that the apps started their campaigns in June 2019, although some may have also existed in the past.
That said, Kuprins notes that Google seems to be on top of the issue. Google removed all of the impacted apps from the Google Play store without any contact from the security researchers.
Here’s the list of apps infected with the Joker malware:
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security – Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper
If you did install any of the apps on this list, now’s the time to uninstall them. You’ll also want to pay attention to your credit card statements to make sure you haven’t been signed up for anything without your knowledge.
This is the second time in recent weeks that malware was discovered in popular Android apps. In late August, Kaspersky found that a scanning app called CamScanner contained malware as well.
Kuprins also suggests paying attention to what permissions apps ask for when you install them on your phone. Presumably, some of these apps made it clear that they were accessing some parts of your phone that they shouldn’t have needed access to. Whenever you see something like that in an app, especially a little-known Android app, it’s a good idea of exercise caution, and potentially not install the apps in the first place.
- How to remove malware and viruses from your Android phone
- How to protect your smartphone from hackers and intruders
- The best QR code scanning apps for Android or iOS
- How to tell if your webcam has been hacked
- How to sideload an APK or install an Android app from outside the Play Store