Tuesday, November 24, 11:59
Home security Google Play Store: 17 more Joker malware applications removed

Google Play Store: 17 more Joker malware applications removed

Η Google remove others 17 Android applications from the Play Store. The applications were infected with Joker malware and were identified by researchers security of Zscaler.

"This spyware is designed to steal SMS messages, contact lists and device information while also secretly recording victim in premium WAP services (wireless application protocol)Said researcher Viral Gandhi.

The 17 malware downloaded to the Play Store had a total of over 120.000 downloads.

The names of the 17 applications are:

  • All Good PDF Scanner
  • Mint Leaf Message-Your Private Message
  • Unique Keyboard - Fancy Fonts & Free Emoticons
  • Tangram App Lock
  • Direct Messenger
  • Private SMS
  • One Sentence Translator - Multifunctional Translator
  • Style Photo Collage
  • Meticulous Scanner
  • Desire Translate
  • Talent Photo Editor - Blur focus
  • Care Message
  • Part Message
  • Paper Doc Scanner
  • Blue Scanner
  • Hummingbird PDF Converter - Photo to PDF
  • All Good PDF Scanner

Once Google has been notified of the malware, it has followed the prescribed procedures. Remove the apps from the Play Store and use it service Play Protect to disable applications on infected Appliances. However, users must also remove applications from their devices.

Many Joker malware applications have been found in the Play Store

Is third time that Google removes applications infected with Joker malware.

At the beginning of the month, h company removed six other such applications, which had been reported by researchers security of Pradeo.

In July, Google was informed of similar applications by its security researchers Anquanke. This batch has been active since March and has managed to infect millions Appliances.

In most cases, these applications manage to bypass Google's defenses and reach the Play Store, using a technique called "droppers“, Where the victim's device is infected in several stages. The technique is quite simple, but it manages to overcome the obstacles of Google.

Initially, malware creators clone the operation of a legitimate application and upload it to the Play Store. This application is fully functional, asks for many permissions to access sensitive data, but does not perform malicious activity when running for the first time.

Malware starts after hours or even days, so Google security scans do not receive the malicious code, allowing the application to go to the Play Store.

But malicious applications eventually download and install other components or applications on the device. These items contain the Joker malware or other malicious software.

The Joker malware, which Google internally calls "Bread", Relies heavily on the dropper technique. In this way he has managed to penetrate the Play Store many times, maybe more times than any other malware.

In January, Google published a blog post describing it Joker malware as one of the most persistent and advanced threats which has faced in recent years. Google said security teams have removed more than 1.700 apps from the Play Store since 2017. But, apps with the Joker are very popular and have also been reported in stores Android third-party applications.

Anquanke's investigators said they have located more than 13.000 samples of Joker malware since the malware was discovered in December 2016.

Defending yourself from the Joker is tough, but the users can be protected to some degree if they are careful with the applications they download. For example, should avoid applications that require access to many data and look at other users' ratings.

Other malicious applications

According to ZDNet, the Bitdefender reported a group of malicious applications to Google's security team. Some of these apps are still available in the Play Store. The researchers did not name the applications but only them accounts of developers of which were uploaded to the Play Store. The users who have installed applications from these developers should remove them immediately.

  • New
  • Piastos
  • imirova91
  • Progster
  • StokeGroove
  • VolkavStune

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Arrest of fraudsters for a scam associated with the sale of an airplane!

U.S. police have arrested a man in connection with a multimillion-dollar scam involving the sale of an airplane to Australia. In 2018, research began after ...

Black Friday offers: Windows 10 completely FREE!

Black Friday offers: Windows 10 completely FREE! Black Friday is a huge promotional event created by big retailers ...

TikTok fixes bugs that allowed account breaches

TikTok has encountered two vulnerabilities that could allow intruders to take over accounts with a single click when connected together ...

Parliament Street: UK MPs receive millions of email attacks every month

UK MPs have been repeatedly targeted by hackers, with email attacks receiving a 60% increase from year to year ...

Louisiana hospitals have reported data breaches

Thousands of Louisiana patients have fallen victim to a cyber attack that has hit US medical facilities. LSU Health New Orleans published ...

Fake Minecraft modpacks bombard devices with ads

Hackers managed to bypass the protections of the Google Play Store and publish more than 20 fake modpacks for the popular game ...

Brazil Supreme Court: Recovers after ransomware attack

After suffering the most serious cyber attack ever orchestrated against a Brazilian public sector institution, the Supreme Electoral Court (STJ) ...

Compal: Hackers demand ransom of $ 17 million

As mentioned in our previous article, the Taiwanese electronics company Compal, which manufactures laptops for leading global brands, such as HP ...

GitHub: Fixed a serious vulnerability discovered by Google

GitHub has finally fixed a serious vulnerability reported by Google's security team, Project Zero. The researchers had informed ...

Does your smart bell open the door to hackers?

Consumers who bought "smart bells" from online markets such as Amazon Marketplace and eBay, which are identical to Amazon ...