Google has pulled out four mobile applications infected with the Joker malware from its Play Store, reports ZDNet. More than 100,000 Android devices downloaded the malicious apps, three of which were published only last month, while the other was initially released in November 2020, a report from Pradeo revealed. The stealthy Joker malware conducts in-app purchases and premium subscriptions without the knowledge of its victims. The report also showed that multi-factor authentication was evaded by two of the apps identified by Pradeo. Aside from performing in-app purchasing fraud, the Joker malware has also been found to have app installation and additional malware delivery capabilities. Users of Android devices have been urged to be more vigilant about malware-laced apps, which may be indicated by how the app has been accounted for by the developer, the presence of vague privacy policies, and the lack of specific company names or websites for the apps.