Six more applications infected with Joker malware, which were located at Google Play store with a total of over 200.000 downloads, were discovered by the team Cybersecurity. This is another case of dangerous applications that plague users Android lately.
Malicious Joker software pretends to be a legitimate application in the Play Store. But once installed in one device, performs billing fraud either via SMS to a premium number or by using the victim's account to make multiple purchases using WAP billing.
The malware operates underground, without requiring any action on the part of the user, so it is not easy to locate, until the user receives his mobile account and discovers additional charges.
So far, 1.700 applications containing Joker malware have been removed from the Play Store since 2017, however it seems that the malware continues to reappear.
Of the six applications unveiled, one called "Convenient Scanner 2Has been downloaded over 100.000 times, while the "Separate Doc Scanner»Has been downloaded by 50.000 users.
Another application, the "Safety AppLock", Claims to" protect your privacy "and has been installed 10.000 times by users who will eventually find that their application is harming instead of protecting them.
Two more applications, the "Push message texting & SMS" and "Emoji wallpaper", Have received 10.000 downloads each, while one with the name Fingertip GameBox has been downloaded 1.000 times.
The six apps have now been removed from the Play Store following their revelation by Pradeo on Google.
Those users who have downloaded any of the applications at smartphone they are asked to remove them immediately.
According to Google, Joker malware is one of the most persistent threats facing the Play Store, as its creators have used it in many different forms to make it go unnoticed.
In many cases, malicious applications have been able to bypass Play Store protection by initially introducing legitimate features.
The creators of Joker try to encourage malware downloads by introducing false positive reviews. The person or group behind the Joker malware is very likely to still be active and trying to trick more users into downloading malware to continue the deception.