Risk Assessments/Management, Breach, Supply chain, Threat Management

Joker malware spread by malicious apps

Share
Users of Android devices are at risk of being infected by the Joker malware through malicious trojanized apps on the Google Play Store, The Hacker News reports. While Google has continuously bolstered its defenses, apps on the Play Store have been consistently targeted for malware installation, a Kaspersky report revealed. "They're usually spread on Google Play, where scammers download legitimate apps from the store, add malicious code to them and re-upload them to the store under a different name," wrote researcher Igor Golovin. Google Play's security processes have been evaded by Joker through a "dormant" payload that is only activated once the apps are already on the Play Store. Google has already removed the Style Message, Blood Pressure App, and Camera PDF Scanner apps identified to have been infected by Joker. However, third-party app providers were discovered to continue offering the malicious apps. "Subscription trojans can bypass bot detection on websites for paid services, and sometimes they subscribe users to scammers' own non-existent services. To avoid unwanted subscriptions, avoid installing apps from unofficial sources, which is the most frequent source of malware," Golovin added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.