Delete these apps! Scanner, messaging and keyboard downloads are hiding malware

By Kim Komando

July 23, 2021

© Vladyslav Yushynov | Dreamstime.com

Having your phone infected with malware is no laughing matter. Unfortunately, several mobile applications have just been discovered that harbor the dangerous Joker malware.

The name might sound familiar to you. Not because it is the villain in superhero flicks, but because we have written about the malware’s destruction before. It is one of the most prominent attacks that criminals use on victims.

Joker malware is so widespread that cybersecurity firm Zscaler has set up a dedicated team to research the threat. Their work recently paid off, as they managed to identify numerous apps that are spreading the virus. Keep reading for the new list of dangerous apps.

Here’s the backstory

Google has been alerted previously about the malware’s presence. But as fast as it can remove it, new apps appear with the same ferocity.

The malware is incredibly crafty in the way it works. When an infected app is downloaded, it tricks the Android notification system by asking for permission to read all notifications. Once granted by the user, it hides all notifications of malicious behavior.

Here is a list of 11 apps recently found hiding Joker malware:

1. Free Affluent Message
2. PDF Photo Scanner
3. delux Keyboard
4. Comply QR Scanner
5. PDF Converter Scanner
6. Font Style Keyboard
7. Translate Free
8. Saying Message
9. Private Message
10. Read Scanner
11. Print Scanner

In essence, the hackers will have access to all your data and can control your device. Since it hides notifications, criminals can:

• Steal personal information
• Access and copy your contact list
• Monitor text messages
• Sign you up for fraudulent services
• Send text messages to premium numbers

Zscaler’s ThreatLabz research team noted that the new crop of infected apps has been downloaded 30,000 times and uses a different method for getting past Google’s security checks.

“Joker is well known for changing its tactics to bypass the Google Play Store vetting process. This time we saw Joker using URL shortener services to retrieve the first level of payload,” the team explained in a blog post.

What you can do about Joker

If you have downloaded or used any of the 11 apps listed, you must immediately uninstall them from your phone. The apps aren’t only found on the Google Play Store but third-party stores as well.

Here is how to find and delete apps on Android:

• Open the Google Play Store app.
• At the top right, tap the profile icon.
• Tap Manage apps & devices and then Installed.
• Go through the list of displayed applications.
• Next to the app you want to remove, tap Uninstall.

Keep reading

Scary new malware that live streams your screen – Here’s what to look for

Tech security tip: How to remove malware from your computer

Tags: Android, apps, cybersecurity, Google, Google Play Store, hackers, infected apps, malware, security, Zscaler