scorecardresearch
Follow Us:
Monday, October 26, 2020

Google removes over 1,700 apps affected by Joker malware from Play Store

Google stated that these apps were uploaded as clean apps and after being confirmed added the malicious code via an update.

By: Tech Desk | New Delhi | January 10, 2020 10:21:18 pm
Joker malware, Android, Joker, Android joker, Android malware, play store The malware started back in 2017, where it indulged in SMS fraud. After Google restricted use of SMS permission, it moved to toll billing fraud.

Google back last year removed 24 apps infected with the ‘Joker‘ malware from its Play Store. The apps before being removed had amassed over 5,00,000 downloads. At the time Google did not details what the malware did. Now, the company has opened up a bit and provided us with more details regarding it.

It claims that the ‘Joker’ malware is a harmful “large-scale billing fraud family“, which tried a lot to get past the company’s security walls and charge users unethically.

The malware started back in 2017, where it indulged in SMS fraud. After Google restricted use of SMS permission, it moved to toll billing fraud. Google in a blog post, claims that the Joker malware family has used every cloaking and obfuscation technique to go undetected.

Under the toll billing fraud, the family made the user visit a URL to complete billing and enter their phone number. It used injected clicks, custom HTML parsers and SMS receivers to automate the billing process without the user noticing.

Also Read: Google India announces Best of 2019 Apps on Play Store: Call of Duty, Spotify top the list

It has also tried using standard crypto libraries, custom-implemented encryption algorithms, some obfuscation methods utilizing JavaScript in WebViews and several commercially available packers to go undetected. Moreover, the malware affected apps had fake contact information and the billing process started even without the user confirming it.

Google stated that these apps were uploaded as clean apps and after being confirmed added the malicious code via an update. At times there are 23 different apps being uploaded to the Play Store under this malware family, whereas, sometimes there are no apps being uploaded for weeks.

Google says it has detected and removed 1,700 unique apps from the malware family on its Play Store, even before being downloaded by a single user.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Technology News, download Indian Express App.

Advertisement
Advertisement
Advertisement
Advertisement