Warning: The Joker malware has infected over 500,000 Huawei Android devices
This time, the Joker's target is Huawei-branded Android devices, with an estimated number of infections not less than 500,000 cases.
More than half a million Huawei users are believed to have downloaded apps infected with the Joker malware on the company's official AppGallery app store platform. Security researchers found 10 applications in AppGallery that contain code to connect to a malicious command and control server (C2 server) operated by threat actors. This will allow the configuration and additional components to be received after the malware has successfully infected the victim's system.
Shade common applications
According to a report by security experts Doctor Web, during this campaign, the Joker malware still has most of the dangerous functions that have made its 'name'. For example, when the infection is successful on the target Android device, the malicious code will silently control SMS messages, contacts, device information, and collect some other important personal information such as passwords, The account name as well as some valuable data are being stored on the device.
In particular, the most serious threat posed by this malicious code to victims is the ability to automatically register paid wireless application protocol (WAP) services without the user's permission. The victim only really knew this when he paid the charges, and by then it was too late.
However, in this campaign, the Joker seems to be adding a new malicious feature, which requires access to the notification system on the device. This allows it to block the confirmation code sent by paid subscription services via SMS, leaving the user completely unaware.
According to researchers, the malware can subscribe to up to five services on its own. However, the threat actors behind malicious code operators can modify this limit at any time.
The list of applications containing the Joker malware detected on AppGallery to date includes virtual keyboard, camera app, launcher, online messenger, sticker collection, color software , and games.
Notably, 8 of these come from the same developer (Shanxi Kuailaipai Network Technology Co., Ltd.) and 2 from another. According to statistics, these 10 apps have been downloaded by more than 538,000 Huawei users.
The Doctor Web side has informed Huawei and the Chinese company has now removed all 10 of these apps from AppGallery. If you own one of the above apps, you need to immediately uninstall it from your device.
Also, you should double-check your entire transaction history to see if there were any suspicious payments you didn't recognize. Also, make sure to closely check the permissions you grant to every app installed on your Android device.
You should read it
- Android users need to remove these 8 malicious Joker apps immediately
- The Joker malware once again bypassed Google's security, spreading strongly on the Play Store
- More than 9 million Android devices infected with malicious code from applications in Huawei AppGallery
- Joker Wallpaper 4K, Joker 4K wallpaper, beautiful Joker photos
- Google 'purged' 24 applications downloaded nearly 500,000 times containing malicious malware
- 6 applications thought harmless but silently charge users, please remove immediately from your phone
- 5 types of malware on Android
- How many types of malware do you know and how to prevent them?
May be interested
- Hackers are taking advantage of the Store to distribute malwareapkpure, one of the world's largest online app stores, a google play store alternative, has been identified as infected with a dangerous strain of malware.
- What to do with a virus infected CD, DVD or USBhow to safely handle external devices such as cds, dvds or usb-infected viruses or malware.
- Downloaded malware? Try these fixes before factory reset!getting infected with malware is basically a given at some point; when it happens to you, follow these tips to save your malware-infected computer.
- Google stopped working with Huawei, the phone will not be updated Android, YouTube and Gmail cannot be accessedrecently, google officially withdrew huawei's license to cooperate and use android after the us president signed a decree banning all us telecommunications carriers from using huawei devices.
- How does malware get into smartphones?malicious apps are disastrous for smartphone users. regardless of whether you use ios or android, it will be terrible if the application is infected with malware.
- Ways to keep mobile devices safeaccording to mcafee, in the third quarter of 2014, the number of infected mobile devices exceeded 5 million. another statistic of security firm symantec in 2014 also found that 1 million of the 6.3 million mobile applications contain malware.
- Huawei is about to install HarmonyOS on all devices, leaving Android dual booting openhuawei is currently planning to install harmonyos for all devices while leaving support for dual boot to run android in case it can continue to work with google when the u.s. embargo is lifted.
- Warning: New DISGOMOJI malware uses Discord emoji to steal data!first discovered by security research firm volexity, disgomoji malware can use discord emoji to execute commands on infected devices.
- How to detect VPNFilter malware before it destroys the routervpnfilter is a destructive malware for routers, iot devices and even some network storage devices (nas). how do you detect if your devices are infected with vpnfilter malware? and how can you remove it?
- The list of Huawei smartphones will receive Android 10 and EMUI 10 updates in the near futurehuawei today officially announced the android 10 update schedule for its devices.