Google has removed six apps, that were flagged for being infected by Joker malware, from the Google Play Store, according to a report by cybersecurity firm Pradeo.

Pradeo had, in a blog post, reported that six apps on the Play Store were infected with Joker malware. The Joker malware, also called Bread, is known for conducting billing frauds by intercepting SMS to subscribe to unwanted paid services. The malware which disguises itself as legitimate apps makes purchases using WAP billing on behalf of users without them knowing about it.

Overall, the six apps — Safety AppLock, Convenient Scanner 2, Push Message-Texting &SMS, Emoji Wallpaper, Separate Doc Scanner and Fingertip GameBox — accounted for nearly 200.000 installs, Pradeo said.

The malware has been flagged by the tech giant on multiple occasions. The Android Security & Privacy Team, in a blog post in January, had detailed its efforts to tackle the malware, stating that it was one of the most persistent threats for users. It had removed over 1700 apps containing the malware by the beginning of this year.

“We first started tracking Bread (also known as Joker) in early 2017, identifying apps designed solely for SMS fraud. As the Play Store has introduced new policies and Google Play Protect has scaled defenses, Bread apps were forced to continually iterate to search for gaps. They have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected. Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere,” the team had said in the post.

comment COMMENT NOW