Via Ars Technica
A malware strain dubbed “Joker”, which can sign users up for unwanted services and steal their sensitive data, continues to make its way onto Android devices via app impersonations.
Malicious Android apps continue to be found on Google Play Store and one of them, “Joker” is particularly damaging and hard to detect. Earlier this summer, researchers found the malware in 11 apps that have been downloaded half a million times and earlier this month, 17 were found, having been downloaded 120,000 times.
Joker is even more prevalent in third-party app stores, and while Google removes the offending app once they’re alerted to the problem, the issue is that the apps are allowed on the Google Play Store in the first place, putting users at risk.
However, Joker is intentionally hard to detect, even by popular antivirus apps. The malware is comprised of just a few lines of code hidden in an app’s file. The app on the other hand, may be legitimate or may be impersonations of popular apps in order to increase the malware’s reach. Once the app is installed on a victim’s phone, it could be hours or days before the malware uses the device’s own SMS messaging to sign up for premium services, charging the user. It can also look at all text messages, contact lists, and obtain other device information.
Stay away from third-party app stores. They have almost no security and are a breeding ground for malicious apps. In general, you should also be judicious about what kinds of apps make it on your phone — they may not all be malware, but any app will harvest some kind of data from you, which may affect your privacy.
Lastly, consider downloading an antivirus app that may warn you if you have a malicious app on your phone. Ars Technica recommends apps from companies like Malware Bytes, Eset, and F-Secure. However, these apps won’t flag all malicious apps and some Joker apps have been known to bypass this kind of detection.
To learn more about Joker and the risk it poses to devices, check out the Ars Technica article here.