Sunday, February 21, 22:36
Home security Joker Malware apps are redistributed through the Google Play Store

Joker Malware apps are redistributed through the Google Play Store

Joker Malware

Researchers security they discovered another incident with me Android malware hidden in applications and registers unsuspecting users in premium services without knowing it. Her researchers Check Point they discovered that the famous Joker malware he found another trick to bypass his protections Google Play Store: hides the malicious DEX executable in the application as "Base64 encoded strings", which are then decoded and loaded into the compromised device.

Following the revelation of Check Point researchers, the 11 suspects applications removed from the Google Play Store on April 30, 2020.

“Joker malware is difficult to locate, despite the addition of additional levels protection in the Google Play Store, ”said Check Point Aviran Hazum, who identified the new Joker malware mode. "Although Google removed the malicious ones applications from the Play Store, we expect the Joker to adapt again ".

Joker malware was discovered in 2017 and is one of the most popular types of Android malware. It is known for committing fraud, the spyware its capabilities and theft of SMS messages, contact lists and information device.

The Joker infected a lot of Android applications in the previous year, which were discovered by CSIS Security Group, Trend Micro, Dr.Web and Kaspersky. The researchers found that malware was constantly finding ways to exploit vulnerabilities in Play Store security checks.

The creators of Joker malware have used various methods to hide the true nature of the applications and avoid detection.

"As the Play Store introduced new policies and Google Play Protect strengthened its defenses, the Joker applications began to look for new gaps. security", Said the Android security and privacy team. "They used almost every concealment technique in an attempt to hide them."

Google Play Store

As of January 2020, Google has removed more than 1.700 Play Store apps over the past three years and infected them with malware.

The new variant of Joker malware detected by Check Point achieves its purposes by utilizing the manifest file of the application, which it uses to load one file DEX coded Base64.

A second "intermediate" version uses a similar technique to hide the .dex file.

"To enable users to sign up for premium services without their knowledge or consent, the Joker malware used two main elements - the Notification Listener as part of the original application and one dex file which is loaded by the C&C server to perform the registration ", said the researchers.

The latest version of the Joker reminds us that Android malware is constantly evolving, so we must always be on the lookout.


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!


How to make a Facetime Audio call

Tired of low quality cell phone calls? Thanks to FaceTime, you can make high-resolution calls if you use iPhone, iPad, ...

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...