The Joker he is back. Through its corporate blog, the cybersecurity firm Pradeo warned that they found four applications for cellphone who infected this malware over the past few weeks. The affected applications have thousands of downloads behind their back.
Google has made great efforts to clean up its app store but, despite them, some manage to bypass all the filters and enter google play to infect thousands of people. This happens, in part, because they are looking for a specific application but they don’t stop to check their name or possible consequences that you can have your installation on your devices.
The electronics giant has already removed each of them from its app store. However, these they do not disappear from mobile once installed, therefore, it is advised to review and remove them immediately as they can be potentially harmful.
This is how it works Joker in the applications
First of all, the Joker use a Software malicious to infect the device and embed itself into the system. After that, the malware identifies the country in which the device is located and looks at the infrastructure of command and control in order to receive the encrypted setup.
Once done, the program decrypts a DEX file and downloads it to the mobile phone to begin steal information of the same. After doing this, the Joker starts collecting information from SMS. Specifically, it collects information from the person who has Shipped said message.
But the damage does not stop there. The malware will also be created with the contact listas well as with device data. Finally, the virus will also interact with advertising sites be able to withdraw money via the infected mobile.
In conclusion, the Joker is a malware that accesses the mobile phone to extract all kinds of information (from text messages to contact data), and also for subscribe to websites that offer payment services.
The bone cybercriminals They will retain a significant portion of the silver extracted from these platforms. That is why they are interested in subscribing to as many services as possible to get a better economic return.
Here are the affected apps
Of the four apps infected with this malware, the most popular is smart texting. Supposedly, this app allowed you customize SMS qthat you have sent to third parties and has over 50,000 downloads.
Another of the infected applications that Pradeo has detected is Tensiometersupposed to be designed to measure the blood pressure. is also on the list voice language translatoran application that resembles the famous translator from Google but only tries to deceive the people who download it.
The fourth and last application of this virus is Quick text SMS. This SMS app is similar to Smart SMS Messages, which promised those who downloaded it to their cell phones the ability to personalize the messages as much as possible. However, as is the case with the rest of the apps, it’s no more than a front designed to steal money and information from people.
Joker is already an old acquaintance for people who deal with the cyber security. And it is that there are many applications that he has infected on different occasions, from some to scan documents until salvapantallas. There are also photo editors and apps to edit emojis, for example.
The latest applications that have been discovered to be infected are:
- Coin track Loan – Online loan
- cool call screen
- PSD Authentication Protector
- RGB Emoji Keyboard
- Camera Translator Pro
- Fast PDF scanner
- Hot Air Balloon Wallpaper
- colorful messenger
- Thug photo editor
- Animated background
- peace sms
- Happy photo collage
- original messenger
- Badge messages
- Smart keyboard
- Special photo editor
- 4K Wallpapers