This messaging app with 500K+ downloads is hiding malware that steals your money
Malware has evolved over the years to make detection incredibly difficult. Part of the problem is that many malicious apps behave like legitimate ones – stealing your data while hiding in plain sight.
When these apps are detected by security researchers or mobile phone developers, they’re typically removed quickly from the respective stores. Tap or click here to see if your phone could be harboring some of these apps.
But hackers don’t give up and often come up with new ways to get malicious software on as many devices as possible. Now one particularly problematic form of malware known as Joker is back, discovered hidden in an Android app downloaded over half a million times.
Here’s the backstory
First detected back in 2017, Joker malware has been a recurring threat to Android devices due to its ability to hide within popular apps – some of which have been downloaded hundreds of thousands of times. The malware can hide in fake apps or real applications that have been altered. Tap or click here to learn more about a recent discovery involving 24 apps injected with Joker malware.
Once an infected app is downloaded and installed, it tricks the mobile phone’s notification system by asking for permission to read all notifications. When an unsuspecting user grants permission, the malware will hide all future warnings and notifications about malicious behavior.
It has mostly been found in Android apps downloaded from the Google Play Store or third-party libraries. The previously infected apps have been removed from the Play Store, but Joker has once again reared its head.
Cybersecurity company Pradeo detected Joker in an Android app call Color Message. The app supposedly allowed users to change the color of their default text messages. But it served as nothing more than a vehicle to get the malicious software onto mobile phones.
In addition to how the previous Joker infections worked, this version added three more actions:
- It uses mobile phones to simulate clicks on malicious ads to generate revenue
- Subscribed users to premium services to steal money
- Accesses users’ contact lists and sends data to hackers in Russia
Pradeo explained in a blog post that before it had been removed from the Google Play Store, the app had been downloaded more than 500,000 times. The app tries to evade deletion as well, as it hides the app shortcut from showing on the home screen.
What you can do about it
Check your phone! 24 apps that contain the dangerous Joker malware
Earlier last month, nasty malware was making the rounds, giving hackers access to all kinds of personal information. Called Joker, it was embedded into several Android apps and overwrote the operating system’s notifications.
17 apps you need to delete: File converter, PDF scanners and more
Finding decent apps for your Android can be tricky. On one hand, you have tons of apps to choose from thanks to Google’s open-ended app store. On the other, a good portion of apps you’ll find on Google Play are buggy, ad-filled or downright malicious.
Avoid 'free' downloads of these Oscar favorites - they're hiding malware
If you’re a movie fan, this is a huge weekend. The 92nd Academy Awards ceremony airs Sunday, Feb. 9, and tons of great films will win Oscars.
Just the mention of Oscar-nominated movies gives many of us the itch to binge-watch them all. You might be able to catch some of them on Netflix or Amazon Prime Video. Tap or click here to find out which service is better for movies.