A team of researchers from the major security firm Pradeo has detected six new Android applications that infect your mobile with Joker, the malware that empties your checking account. Find out if you have any of them installed.
In 2017, a malware campaign was uncovered to infiltrate many malicious applications directly into the Play Store, bypassing all Google security measures. These new android apps infected the smartphones of their victims with Joker, a malware that carried out ad fraud.
Since this Android virus was discovered, the Mountain View company has removed over 1,700 malicious apps hiding the Joker malware from Google Play. But these efforts are not much, and the virus reappears from time to time. Being one of the most persistent threats in the Google store.
A team of researchers from the cybersecurity firm Pradeo has detected six new apps that install Joker on mobile phones. Some of the tools that have been identified are more popular than others. And in total, it accumulated close to 200,000 downloads.
But how does this Android malware work? The mechanics of infection are as follows: the virus remains hidden in an application that seems legitimate. But it is malicious software that installs the virus without the user noticing. Once it is on the device, Joker tries to generate profits for criminals through fraudulent advertising activities. This can also be very expensive for the victims.
And it is that, apart from interacting with advertising networks and websites simulating clicks. It is also capable of registering users to premium SMS services. With the expense of money associated with this type of service. Apart from this, it also has the usual functions of a Trojan, such as stealing SMS, contact information, and device data.
Here is the list of new applications infected with this virus that has been detected. If you have any of them installed, remove them as soon as possible to avoid their fraudulent activities:
- Safety AppLock
- Convenient Scanner 2
- Push Message-Texting & SMS
- Emoji Wallpaper
- Separate Doc Scanner
- Fingertip GameBox
According to the latest Symantec report, malware called xHelper has been installed on over 45,000 mobiles worldwide. It is almost impossible to remove, as it reinstalls even when the mobile phone is formatted.
Although the number of infected mobiles is almost ridiculous, its ability to stay on the mobile has attracted attention. Most users cannot eliminate this malware that clings to the operating system. That’s the way almost impossible to stop.
The application that carries the malware comes under the title of xhelper. And its primary function is to download numerous malicious apps that invade the phone. And begin to display increasingly invasive advertising.
Since March, this application has appeared in Google Play. It is another example of the problems the application store suffers despite all the measures it tries to build to hinder thousands of malware programs.
How malware works are highly investigated since it is most likely installed in the operating system code to avoid being removed when the mobile is formatted. At the same time, the most affected areas are the United States, India, and Russia. Worldwide concern about these programs continues to grow.