ThreatLabz, a research team under the US cloud information security company Zscalar, released the latest report that 11 applications (Apps) have been implanted with the latest Joker spyware on the Google Play Store.
The apps in question are mainly focused on tools and communications.
Once the user is "successful", he will be "ordered" for expensive products or plans without knowing it, and will use the victim's credit card information stored in the Google Play Store to pay.
According to the researchers, apps that hide Joker often use variant technologies such as code changes and execution methods to bypass the security review of the Google Play Store.
After users download these apps, in addition to the above operations such as stealing SMS and contact list, their device will also be used for financial fraud, such as registering wireless application protocol (WAP) for users to earn money for their operators Take some gains.
Joker will also abuse Android's push notification system to request all notifications to be read.
If the user agrees, when the person is faced with a service that may register and use fraud, the push notification that warns it of the problem will be hidden.
ThreatLabz has been monitoring Joker and has found more than 50 applications in the Google Play Store in the past 2.5 months.
ThreatLabz recently discovered these 11 malicious applications and immediately notified the Google Android security team. The latter had deleted them from the Google Play Store, but unfortunately, they have been downloaded about 30,000 times.
The 11 apps of Joker were detected as follows:
1. Free Affluent Message
2. PDF Photo Scanner
3. delux Keyboard
4. Comply QR Scanner
5. PDF Converter Scanner
6. Font Style Keyboard
7. Translate Free
8. Saying Message
9. Private Message
10. Read Scanner
11. Print Scanner
Reuters: Chinese mobile phone giants join forces to challenge Google Play store status. Google Play becomes a hotbed of malware SimBad. 150 million app users worldwide recruit Google Play to remove 60 children’s games. Hidden malware spreads pornographic ads and scams