What if there is a malware that infests some of the apps on your Android smartphone or tablet and steals some private information? You know how disastrous this can be, right? Unfortunately, such malware exists, and it is known as the “Joker Malware”.
This is a Trojan malware that signs up a user for premium subscriptions without the consent of the user. This malware works by downloading secured configurations from what is known as a command-in-control server. This action is usually cloaked by the installation of an infected Android application.
The malware is practically undetectable, and it installs a component that extracts SMS details and other information. It is even known to interact remarkably well with ads. This action takes place as the host interacts with ad sites.
This malware can attack anyone, and it would help if you have good knowledge of how the malware operates—to enable you to get rid of it quickly or prevent its attack. So for your needs, this article covers all you need to know about this Trojan malware. Read on to learn more.
How the Joker Malware Operates
The primary aim of this malicious program involves gaining access, which, in turn, allows automatic sign-ups or subscriptions to premium services. The malware, steals text messages, device information, and contact details.
And since the hacker has access to the user’s SMS details, they could be siphoning money off the user’s bank account without the consent of the user. It is an ingenious action, even though the malware was created to cause untold harm to unsuspecting users.
Most of the subscription-based services that the malicious program signs up users without their consent are usually charged for several months. It can take months before users suspect or realize they have unwittingly subscribed to an unknown service. A few users catch on when they request and check out their credit card bills or account statements.
This Android-based malicious code was first discovered by Aleksejs Kuprins, a CSIS Security Group malware analyst. And since then, the malware has been under close monitoring.
Countries Targeted by the Android Trojan Malware
Cybersecurity researchers have been able to detect that this malicious Android-app-based computer program targets specific countries. The following are the countries in which a high number of cyber theft via the use of infested applications were discovered or reported: Austria, Australia, Brazil, Belgium, Cyprus, China, Germany, India, Portugal, Ghana, Norway, and Honduras.
Other countries affected by the malicious code include—Greece, Egypt, France, Kuwait, Myanmar, Qatar, Malaysia, Indonesia, Netherlands, Sweden, Slovenia, Serbia, Singapore, Italy, Ireland, Republic of Argentina, Ukraine, Thailand, Spain, Turkey, Switzerland, United Kingdom, United Arab Emirates, and the United States of America.
The majority of the Android applications, which aids the action of the malware are used predominantly in Asian and European countries.
In most of the countries listed earlier, an Android smartphone user is expected to make use of a SIM card. Without this SIM card, the malware may not be able to carry out its malicious operation.
Which Apps are affected by Joker Malware?
Up to 24 android applications have been infected with the novel Android-based Trojan malware, according to the analyst that first discovered it. These apps have racked up almost 500,000 downloads in the Google Play Store.
Google has since swung into action and removed the apps from its store without any prior contact from the researchers. The internet giant has since then removed up to 17,000 Android applications from its Play store. Each of these apps served as conduits for the malicious code.
The apps will be listed below in no particular order.
If you have any of these malware-infected apps installed on your Android smartphone, it’s best to uninstall and delete them immediately. In essence, this should be done manually, and ensure it is permanently uninstalled.
Here are the mobile apps that harbor the malicious Android-based program:
- Beach Camera
- Advocate Wallpaper
- Declare Message
- Great VPN
- Board Picture Editing
- Display Wallpaper
- Certain Wallpaper
- Ignite Clean
- Reward Clean
- Age Face
- Cute Camera
- Ruddy SMS
- Leaf Face Scanner
- Altar Message
- Humour Camera
- Rapid Face Scanner
- Climate SMS
- Spark Wallpaper
- Mini Camera
- Soby Camera
- Print Plan scan
- Antivirus Security – Security Scan
- Dazzle Wallpaper
- Collate Face Scanner
If you have used any of these apps on your tablet or Android smartphone, you should check your Google Play account. This is to confirm whether or not you have been subscribed to premium services.
However, finding anything in your Google Play account is very doubtful. What users should do instead is to check their bank or credit card statements for the past 6-8 months. The malicious code kicked off its latest batch of auto-subscriptions in June 2019
Users can also safeguard their contacts—since the malware can even steal contact lists—by letting them know that your mobile device was potentially infected.
Variants of the Joker Malware
Google appears to be right on top of the situation as they have detected up to three or more active variants of the Joker in circulation. These variants were discovered virtually at the same time, and each one targets different carriers.
They are also known to make use of different approaches and are more active at peak times of smartphone activity. About 23 Android applications embedded with the malicious code have been submitted to Google’s Play Store within a day. But Google has always detected and removed them before any downloads occur.
How to Remove the Joker Malware from Your Mobile Device
The first thing you should do is to uninstall and delete both the apps and their APKs (Android Package Kit) from your Android smartphone. The next thing is to check whether or not you are subscribed to premium services.
If you discover that you are subscribed to any premium services that were not originally authorized by you, proceed to cancel all the subscriptions.
You should only download and install trustworthy applications on your Android smartphone or tablet.
Exercising caution and paying attention to permissions that apps ask for is crucial. Some mobile applications access places they have no right to, so always check your app permissions from time to time.