A new Joker malware app was downloaded from the Google Play Store by over 500,000 Android users

A new Joker malware app was downloaded from the Google Play Store by over 500,000 Android users

Tech Highlights:

  • “We is [sic] committed to ensuring that the app is as useful and efficient as possible,” the developers behind Color Message state in their terms and conditions. “For that reason, we reserve the right to make changes to the app or to charge for its services, at any time and for any reason. We will never charge you for the app or its services without making it very clear to you exactly what you’re paying for.”

  • A malicious Android app with over 500,000 downloads from the Google Play app store has been discovered to be infected with malware that secretly sends users’ contact details to an attacker-controlled server and signs them up for unwanted paid premium memberships without their knowledge. The latest Joker malware was discovered in Color Message (“com.guo.smscolor.amessage”), a messaging-focused app that has subsequently been withdrawn from the official app marketplace. It has also been seen faking clicks in order to make cash from fraudulent adverts, as well as connecting to Russian servers. According to mobile security firm Pradeo, Color Message “accesses users’ contact information and exfiltrates it across the network [and] automatically subscribes to undesirable premium services.” “The application has the ability to disguise its icon once installed, making it difficult to remove.”

Joker, since its discovery in 2017, has been a notorious fleeceware infamous for carrying out an array of malicious activities, including billing fraud and intercepting SMS messages, contact details, and device information unbeknownst to users. The rogue apps have continued to skirt Google Play protections using a barrage of evasion tactics to the point that Android’s Security and Privacy Team said the malware authors “have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected.” Found this article interesting? Follow THN on Facebook, Twitter  and LinkedIn to read more exclusive content we post.

We will be happy to hear your thoughts

      Leave a reply

      Tech Reviews, News and Guides