Google has taken steps to axe dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace.
While the Android storefront is considered to be a trusted source for discovering and installing apps, bad actors have repeatedly found ways to sneak past security barriers erected by Google in hopes of luring unsuspecting users into downloading malware-laced apps.
The latest findings from Zscaler ThreatLabz and Pradeo are no different. “Joker is one of the most prominent malware families targeting Android devices,” researchers Viral Gandhi and Himanshu Sharma said in a Monday report.
“Despite public awareness of this particular malware, it keeps finding its way into Google’s official app store by regularly modifying the malware’s trace signatures including updates to the code, execution methods, and payload-retrieving techniques.”
Categorized as fleeceware, Joker (aka Bread) is designed to subscribe users to unwanted paid services or make calls to premium numbers, while also gathering SMS messages, contact lists, and device information. It was first observed in the Play Store in 2017.