A number of apps have recently made their way into the Google Play Store with a little something extra: malware.
The malware, which has been dubbed “Joker,” is designed to sneakily sign users up for subscription services, ones that they might be charged for over the course of several months before they even realize that they’re subscribed.
Cybersecurity researcher Aleksejs Kuprins explained the issue in detail in a Medium post.
The malware appears to be targeting specific countries, including Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, India, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and the United States.
The majority of the apps in question targeted specifically European and Asian countries and required a user to be using a SIM card from those regions in order for the malware to execute. In total 24 different apps were infected with the malware. Those apps were installed roughly 472,000 times. Metadata suggests that the apps started their campaigns in June 2019, although some may have also existed in the past.
That said, Kuprins notes that Google seems to be on top of the issue. Google removed all of the impacted apps from the Google Play store without any contact from the security researchers.
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security – Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper
If you did install any of the apps on this list, now’s the time to uninstall them. You’ll also want to pay attention to your credit card statements to make sure you haven’t been signed up for anything without your knowledge.
This is the second time in recent weeks that malware was discovered in popular Android apps. In late August, Kaspersky found that a scanning app called CamScanner contained malware as well.
Kuprins also suggests paying attention to what permissions apps ask for when you install them on your phone. Presumably, some of these apps made it clear that they were accessing some parts of your phone that they shouldn’t have needed access to. Whenever you see something like that in an app, especially a little-known Android app, it’s a good idea of exercise caution, and potentially not install the apps in the first place.
- How to reset default apps on an Android phone or tablet
- Google is launching a powerful new AI app for your Android phone
- This is the first thing you need to do when you get your Galaxy S24
- If you have one of these Motorola phones, you’re getting a big Android update
- Slack is down right now. Here’s what we know about the issues [Update]