Security researchers unmasked six applications on the Android Play store that were infecting users with Joker malware for the past three years.
Joker malware emerged in 2017, it appears as a legitimate app but once installed it simulates clicks and intercepts SMS messages to subscribe users to unwanted paid premium services without their user’s knowledge until they receive bill alerts from there banks.
Google also confirmed all these six applications were removed from Google with a total of 200,000 installations and the users are advised to immediately delete them from their device to avoid fraudulent activities.
Most apps containing Jocker malware include external code. Once they’re approved by Google Play developers and installed by users then it automatically downloads and executes malicious code.
These are the apps,
- Convenient Scanner 2 (with 100,000 installs)
- Separate Doc Scanner (with 50,000 installs)
- Safety AppLock (with 10,000 installs)
- Push Message-Texting & SMS (with 10,000 installs)
- Emoji Wallpaper (with 10,000 installs)
- Fingertip GameBox (with 1,000 installs)
Interestingly an app ‘Safety AppLock’, claiming to ‘protect your privacy’ has been stealing from its users from the beginning.