Researchers have just discovered an updated version of the 'Joker' spyware circulating in Android apps downloaded from the Google Play Store. The Joker is a Premium Dialer which means it hides within legitimate applications, then downloads additional malware to the device, subscribing its owner to premium services without the user knowing, let alone, agreeing.
Joker has become one of the most persistent forms of malware for Android. Originally discovered in September of 2019, this malware is able to survive due to small changes to its code, allowing it to bypass the security barriers in place within Google's application marketplace. Over the past year, Joker has continued to reappear in the Google Play Store in limited samples, and always containing slight variations to its code to hide its true functionality.
According to Check Point Research, this new version of Joker has taken an old trick from the days of conventional PC malware and adapted for mobile apps to infiltrate Google. It essentially manipulates two components of an app. First is the Notification Listener Service, which allows the Android app to intercept notifications posted from other apps. Secondly, Joker utilizes the dynamic DEX file (all the classes of an application compiled into one file) to perform premium service subscriptions covertly. Basically, Joker uses its access to create a new object that confirms a given app on the device is active. Once confirmed, the malware uses its access to the main DEX file to deliver its payload and register for premium services.
With Joker Not Going Away, Is There Any Way To Stop It?
While developers and researchers have been able to identify Joker malware, despite its ever-evolving code, there is not yet a single solution to prevent infiltration. That being said, Check Point highlights several precautions Android users can take if they suspect Joker might be present within one of their applications. The first method is delete the infected or suspected app from the device immediately. Next, check your bank accounts and credit cards for suspicious activity or subscriptions you did not sign up for. Some banks and credit card companies even offer account details that specifically list all the subscription services currently associated with an account. If you find anything suspicious or that you don't recognize, unsubscribe immediately.
One final solution to consider is installing a security solution on your device(s). Search for a mobile security app that is highly rated and is designed to protect your device and personal data. This mobile security app should include protection from both the download of malicious applications, as well as applications with malware already embedded in them. There are dozens of options to choose from, each with their own advantages from function to pricing. Hopefully Joker will soon run out of tricks to get its foot in Google Play's door. For now developers and users alike will need to keep their guard up, monitor their devices, and use the solutions listed above to put an end to this Android malware for good.
Source: Check Point Research
"Android" - Google News
July 11, 2020 at 02:24AM
https://ift.tt/3iPAbQK
Android App 'Joker' Malware Subscribes Users To Premium Services - Screen Rant
"Android" - Google News
https://ift.tt/336ZsND
https://ift.tt/2KSW0PQ
Bagikan Berita Ini
0 Response to "Android App 'Joker' Malware Subscribes Users To Premium Services - Screen Rant"
Post a Comment