Mobiles & Tablets

Google removes 6 apps containing ‘Joker’ malware from Play Store: Report

Hemani Sheth Mumbai | Updated on September 08, 2020 Published on September 08, 2020

Google has removed six apps, that were flagged for being infected by Joker malware, from the Google Play Store, according to a report by cybersecurity firm Pradeo.

Pradeo had, in a blog post, reported that six apps on the Play Store were infected with Joker malware. The Joker malware, also called Bread, is known for conducting billing frauds by intercepting SMS to subscribe to unwanted paid services. The malware which disguises itself as legitimate apps makes purchases using WAP billing on behalf of users without them knowing about it.

Overall, the six apps — Safety AppLock, Convenient Scanner 2, Push Message-Texting &SMS, Emoji Wallpaper, Separate Doc Scanner and Fingertip GameBox — accounted for nearly 200.000 installs, Pradeo said.

The malware has been flagged by the tech giant on multiple occasions. The Android Security & Privacy Team, in a blog post in January, had detailed its efforts to tackle the malware, stating that it was one of the most persistent threats for users. It had removed over 1700 apps containing the malware by the beginning of this year.

“We first started tracking Bread (also known as Joker) in early 2017, identifying apps designed solely for SMS fraud. As the Play Store has introduced new policies and Google Play Protect has scaled defenses, Bread apps were forced to continually iterate to search for gaps. They have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected. Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere,” the team had said in the post.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on September 08, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.