Users of Android devices are at risk of being infected by the Joker malware
through malicious trojanized apps on the Google Play Store, The Hacker News
While Google has continuously bolstered its defenses, apps on the Play Store have been consistently targeted for malware installation, a Kaspersky report revealed.
"They're usually spread on Google Play, where scammers download legitimate apps from the store, add malicious code to them and re-upload them to the store under a different name," wrote researcher Igor Golovin.
Google Play's security processes have been evaded by Joker through a "dormant" payload that is only activated once the apps are already on the Play Store. Google has already removed the Style Message, Blood Pressure App, and Camera PDF Scanner apps identified to have been infected by Joker. However, third-party app providers were discovered to continue offering the malicious apps.
"Subscription trojans can bypass bot detection on websites for paid services, and sometimes they subscribe users to scammers' own non-existent services. To avoid unwanted subscriptions, avoid installing apps from unofficial sources, which is the most frequent source of malware," Golovin added.