Recent research has shown that the Google Play Store has apps that employ malicious joker malware. A total of 11 apps were found by the cybersecurity team of Zscaler’s Threatlabz which contain the threat of malware in them. These apps were found to be regularly uploaded and have more than 30000 installs.
The Joker malware is popular malware which steals many important and sensitive information about users like contact lists and messaging details. It can trigger apps that contain them to text some contacts and thereby conduct financial fraud. It can also make the app read all the notifications on the phone.
The apps like PDF Converter Scanner and Translate Free are found to have used the malware. The researchers commented that the malware is constantly updated to prevent the security systems from identifying the threats posed by the malware. Other malware uses trojans to gain access to devices, Joker malware uses URL shortener services for the same.
The team identified some interesting facts about these apps. If any other app containing the same malware is present on the device it will not further attempt to gain access. ThreatLabz also notes that the malware-containing apps are successful in passing the security controls of both the Play Store and the device.
Google has taken immediate actions against this kind of malware and has removed many of those apps. This is at the same time when Atlas VPS has submitted their research report finding that over 60% of Android apps contain security vulnerabilities. It is time to take these vulnerabilities seriously to avoid similar attacks.