Joker Virus is Back, Targeting Android Devices

 

The notorious Joker has made a comeback, according to Belgian police, who cautioned about the Joker Virus that only targets Android smartphones and lurks in numerous apps available on the Google marketplace known as Play Store. 

The Joker malware is among the most tenacious and annoying viruses for Android, and it is even capable of infecting people through the use of the Google Play Store since it is disguised within defenseless apps. This Joker software can completely deplete victims' bank account of all funds. The 'Joker' Trojan infection is part of the Bread malware family, whose primary goal is to hijack cell phone bills and allow activities without the user's knowledge. 

As per experts at cybersecurity firm Quick Heal Security Lab, the Joker virus could access user smartphone's text messages, contact information, and a variety of other data, enabling it to enroll in websites providing premium services. Due to this users face the danger of receiving a large bill from their bank or credit card at the end of the month. 

"This malicious program has been detected in eight Play Store applications that Google has suppressed," stated the Belgian authorities in a statement published on Friday 20th August on their website. 

The 'Joker' malware made headlines in 2017 for attacking and stealing data from its victims while masquerading in several applications. Since that day, Google Play Store defense systems have deleted approximately 1,700 apps containing the 'Joker' malware before they could be installed by users. The 'Joker' virus was discovered in 24 Android applications in September 2020, with over 500 thousand downloads before even being deactivated. It is suspected that more than 30 countries were impacted at the time, along with the United States, Brazil, and Spain. Hackers might take up to $7 (approximately 140 Mexican pesos) per subscription weekly via illicit memberships, an amount that has most certainly escalated in recent months. 

According to La Razón, the cybersecurity firm Zscaler has publicly revealed the names of 16 other apps that, according to its investigation, also include this dangerous code: Private SMS, Hummingbird PDF Converter - Photo to PDF, Style Photo Collage, Talent Photo Editor - Blur focus, Paper Doc Scanner, All Good PDF Scanner, Care Message, Part Message, Blue Scanner, Direct Messenger, One Sentence Translator - Multifunctional Translator, Mint Leaf Message-Your Private Message, Unique Keyboard - Fancy Fonts & Free Emoticons, Tangram App Lock, Desire Translate and Meticulous Scanner. 

Initially, apps infected with 'Joker' or another Malware from any of this family committed SMS fraud but soon began to target electronic payments. These two strategies make use of telephone operators' interaction with suppliers to permit service payment via the mobile bill. Both necessitate device authentication but not human verification, allowing them to automate transactions without requiring any user participation. 

In addition, it is typical for all those impacted by 'Joker' to be unaware of the theft unless they thoroughly study their bank statements. It's because the bank does not detect an evidently 'regular' membership and, in general, the charges are so little that they are not noticed as odd movements, therefore the account holder does not even send a traffic notification. 

Furthermore, the malicious applications that the Google Play Store removed upon discovering that they carried the 'Joker' virus are as follows: Auxiliary Message, Element Scanner, Fast Magic SMS, Free Cam Scanner, Go Messages, Super Message, Super SMS, and Travel Wallpapers.


from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3BazMkh

Comments