The Joker malware once again bypassed Google's security, spreading strongly on the Play Store
The Joker malware has been around since 2017, but Google has so far struggled to detect and stop it.
Security researchers at Check Point have just discovered that the Joker malware is spreading on Android devices. Joker often lurks in legitimate applications and then silently signs up for high-cost services without the user's knowledge.
The Joker has been repeatedly deleted from the Play Store several times, but it soon finds a way to return. This time, it hides the malicious DEX executable code inside the application as a Base64 encoded string. Once hacked into the victim's device, the strings will be decoded and then launched.
The Joker malware has been around since 2017 and is very sophisticatedAfter receiving a warning from Check Point, Google removed 11 applications containing Joker malware from the Play Store on April 30, 2020.
"It is difficult to detect the Joker malware even though Google has invested heavily in Play Store protection measures , " said Check Point expert Aviran Hazum, who discovered Joker's new intrusion methods. "Although Google has removed applications containing Joker from the Play Store, we think this malicious code will be able to return in the future."
First discovered in 2017, Joker is a well known and popular Android malware. In addition to scams and self-registration of expensive services, Joker can also steal information such as SMS, contacts and device information.
Last year, Joker-related campaigns reached a peak when a number of security units such as CSIS Security Group, Trend Micro, Dr.Wed and Kaspersky discovered a series of malicious applications. In addition, Joker is constantly finding unique ways to exploit vulnerabilities in Play Store's security testing method.
To hide their true nature, the guys behind the Joker used a variety of methods including chain security to avoid detection tools, buy fake reviews to attract users to download. application. The most sophisticated technique is versioning, bringing the Play Store a clean, quality application to attract users to download, then silently update more malware.
Below is a list of applications infected with the new Joker malware, the application name is in the 2nd column, behind the com .
List of applications infected with Joker malware new versionYou should check if your device has any of these installed. If so, immediately remove and check the transaction history for any suspicious payment.
You should read it
- What is Malware Joker? How to fight Malware Joker?
- Discovering many applications containing malware on Google Play Store, Android users should worry gradually
- Google 'purged' 24 applications downloaded nearly 500,000 times containing malicious malware
- What to do when Google Play Store is not working?
- Android apps contain malicious code that uses motion sensors to avoid detection
- Google declined to add 55% of the new Android application to Play Store in 2018, but that's not enough!
- Download Google Play 24.2.15-16
- How to download CH Play and install Google Play on the phone
- The best Google Play Store tips and tricks for Android users
- 4 Android VPN applications with over 500 million downloads were found to be ad fraud
- 5 alternatives to Google Play Store can be installed on Android TV
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediately
Maybe you are interested
Instructions for turning on Dark Mode on Office 2019 7 reasons laptop does not power up and how to fix it effectively Discovering mammoth bones that remain in ligaments after more than 10,000 years of extinction Strptime () function in Python Colorful accessories of Sony Vaio E series Review the Sony VAIO Y-series Notebooks