One of the worst threats facing Android users is making an unwelcome resurgence, security experts have warned. The nasty threat, dubbed Joker, is designed to sign up Android users to premium – and hugely expensive – subscription plans behind their backs. That’s the latest warning from the team at Zimperium, who work alongside Google to help stop infected apps from being downloaded onto smartphones.
The security researchers say they have witnessed a “large uptick” in apps that come packed with the nasty Joker malware. Most of the applications laced with this threat take the form of legitimate apps, offering users fun photo filters, games, wallpapers, and ways to translate text.
Once installed, these apps, which can be found in the Google Play Store, introduce the gruesome Joker malware. This has the ability to install hidden spyware and premium dialers onto devices, which can then sign up unsuspecting users to expensive monthly subscription plans they never wanted – nor can afford. Victims have found themselves paying in excess of £240 a year for these fraudulent subscriptions.
“Joker trojans are malicious Android applications that have been known since 2017 for notoriously performing bill fraud and subscribing users to premium services,” explained Zimperium. “The outcome of a successful mobile infection is financial gain for the cybercriminal, oftentimes under the nose of the victim until long after the money is gone, with little to no recourse for recovery.”
Joker is nothing new; however, it now appears to be back with a vengeance despite the best efforts of Google and the App Defense Alliance – a program that includes Zimperium.
Zimperium says that it has witnessed over 1,000 new samples of Joker since its last report on the problem back in 2020. And the company is warning that cyber thieves have routinely found new and unique ways to get this malware into both official and unofficial app stores.
That means it’s likely some of these malware-packed apps are finding their way onto the Google Play Store. The latter is usually considered a safe way for Android tablet and smartphone owners to browse and install new apps. Google has strong protections in place – unlike some of the other app repositories available online – however, malware still manages to infiltrate the store.
“While they are never long for life in these repositories, the persistence highlights how mobile malware, just like traditional endpoint malware, does not disappear but continues to be modified and advanced in a constant cat and mouse game,” Zimperium added.
It’s vital that all Android users do some research before downloading any apps onto their device as once Joker has infected the phone it can rack up huge bills without the owner ever knowing.
Just last month, researchers at Quick Heal Security Labs found 8 apps that were riddled with Joker, with the firm telling Android users to delete them immediately. They also offered some simple advice on how to stay clear of any other malware threats. This includes…

• Download applications only from trusted sources like Google Play Store
• Learn how to identify fake applications in Google Play Store
• Do not click on alien links received through messages or any other social media platforms
• Turn off installation from the unknown source option
• Read the pop-up messages you get from the Android system before accepting/allowing any new permissions

You have been warned!