Uninstall these 11 apps now
The Joker malware now seems to not even care about the defenses raised by Google with the Play Protect security service on the Play Store. 11 more infected applications have been found on the Android app store, here's what they are and why you should remove them immediately!Joker is the name given to one of the most widespread malware families currently attacking the Android device market. Although this particular malware is now well known, it seems that it always manages to find a way to blend in among the numerous proposals of the Google Play Store.
The defenses of the Mountain View giant are circumvented thanks to changes in the code, in execution methods or payload recovery techniques. This spyware is designed to steal SMS messages, contact lists, device information and to subscribe the victim to paid WAP services.
Zscaler's ThreatLabz research team has found 11 other infected applications inside of the Google app store, which were promptly removed after reporting. Together these apps reached a volume of around 30,000 installations.
Here are the Joker-infected applications you should remove:
Free Affluent Message PDF Photo Scanner delux Keyboard Comply QR Scanner PDF Converter Scanner Font Style Keyboard Translate Free Saying Message Private Message Read Scanner Print Scanner This is not the first time we have talked to you about this malware and how it manages to spread among users through apparently harmless applications uploaded to the Google Play Store.
Second The ThreatLabz research team's analysis of over 50 infected apps over the past two and a half months, the categories of applications most affected by Joker are:
Communication (27.5%) Photography (7.8%) Personalization (21.6%) Health and fitness (1.9%) Tools (41.2%) “The developers of Joker seem to use a dictionary system to derive publisher names for their malicious apps. All apps with Joker malware used full names (full name) for developers, as shown below. Each developer also has only one app registered in their name. This information serves as indicators to help us identify potential Joker malware - although these criteria can certainly apply to legitimate apps as well. "
Poco X3 Pro is also available in Frost Blue colorway, you can find it on Amazon with 6GB of RAM and 128GB of internal memory for only 199.00 euros.
These 9 apps on Google Play Store were infected with malware that stole Facebook credentials, delete them now
In July last year, Google had removed 11 applications from the Google Play Store as they were infected with Joker malware. As it turns out, nine more apps that are available on Google Play Store are infected with malware. What is even worse that these apps might have risked the Facebook accounts of around six million users. According to Dr Web, these applications ask users to log into their Facebook accounts to get rid of ads, and when users type the Facebook credentials, these apps steal the login ID and password, risking the security of their Facebook accounts. Google has removed these nine applications from the Google Play Store but not before these apps were downloaded millions of times. Here is the complete story.
Also read: Beware! ‘Flubot’ malware targeting Android phones can steal your netbanking passwords
On July 1st, Dr Web published a report showing proof that nine applications that are available on the Google Play Store are infected with malware and that these apps are stealing the Facebook credentials of the users. According to Dr Web, these applications contain advertisements and ask users to log in to their Facebook accounts to get rid of the ads. When a user agrees to log in to Facebook, these apps load the genuine Facebook page. However, these applications immediately load a JavaScript that they receive from a C&C server into the WebView. This script steals the login ID and password that the user types on the page. Below are the names of these nine malware-infected apps.
Google quickly acted on the information revealed by Dr Web and removed the nine applications from the Google Play Store along with banning the accounts of these developers. However, when combined, these applications were downloaded more than six million times before they were removed. So, it is possible that the Facebook credentials of around six million users have been compromised. If you have any of these apps on your device, you should delete them right now.
While Google acted quickly on the information, the question is that how did these apps pass Google’s security check. Evidently, Google’s current security measures aren’t enough to keep malware away from the Play Store.