Joker malware floods Android market – News

0
5


The malware is extremely lucrative and purchases subscriptions to expensive services at victims’ expense.

Security researchers warn of a flood of new malware apps on Google Play and third-party app markets. Dozens of them come from the same very lucrative family. The so-called ‘Joker’ app has been around since 2016 but became one of the most common threats on Android this year. The malware settles into the operating system and from there secretly signs up the victim for all kinds of expensive subscriptions.

Joker can also steal information, including text messages and contact lists. The malware was already found in eleven apparently harmless apps on Google Play in July, but security officer Zscaler says it has now found a new series of 17 apps that are infected with Joker. They were all put on Google Play in September and have been downloaded 120,000 times. Another security guard, Zimperium, reports 64 new variants of Joker, which could be found on third-party app stores this month. Security companies Pradeo and Anquanke have also found examples of the malware in recent months, writes tech site Ars Technica.

According to Zscaler, who conducted an extensive technical analysis of the apps on his blog, the malware is highly nimble, moving beyond Google Play’s automatic control by making new changes to its code, execution methods and the way it is. payload ‘.

The apps end up on victims’ devices by pretending to be legitimate software that initially contains nothing more than a ‘dropper’, a small line of code that, after a waiting period, will download and install the actual malware. Joker also uses all kinds of disguises for those downloads to resemble harmless packages such as games, wallpapers and other apps. This makes it much more difficult to detect the malware. The Android apps in question were reported to Google and have since been removed from the Play Store.

Security researchers warn of a flood of new malware apps on Google Play and third-party app markets. Dozens of them come from the same, very lucrative family. The so-called ‘Joker’ app has been around since 2016 but became one of the most common threats on Android this year. The malware settles into the operating system and from there secretly signs up victims for all kinds of expensive subscriptions. Joker can also steal information, including text messages and contact lists. The malware was already found in eleven apparently harmless apps on Google Play in July, but security guard Zscaler says it has now found a new series of 17 apps that are infected with Joker. They were all put on Google Play in September and have been downloaded 120,000 times. Another security guard, Zimperium, reports 64 new variants of Joker, which could be found on third-party app stores this month. Security companies Pradeo and Anquanke have also found examples of the malware in recent months, tech site Ars Technica writes. Play by constantly making new changes to his code, execution methods and the way he downloads his payload. The apps end up on victims’ devices by pretending to be legitimate software that initially contains nothing more than a ‘dropper’, a small line of code that, after a waiting period, will download and install the actual malware. Joker also uses all kinds of disguises for those downloads to resemble harmless packages such as games, wallpapers and other apps. This makes it much more difficult to detect the malware. The Android apps in question were reported to Google and have since been removed from the Play Store.







Source link by https://datanews.knack.be/ict/nieuws/joker-malware-overspoelt-android-markt/article-news-1647255.html?cookie_check=1601420667

*The article has been translated based on the content of Source link by https://datanews.knack.be/ict/nieuws/joker-malware-overspoelt-android-markt/article-news-1647255.html?cookie_check=1601420667
. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!

LEAVE A REPLY

Please enter your comment!
Please enter your name here