Cybersecurity researchers have discovered six more malicious apps on the Google Play Store with a combined total of more than 200,000 downloads that have been affecting Android users in the last three years.
Joker malware pretends to be a legitimate app in the Google Play Store, but after it is installed, carries out billing fraud by either sending SMS messages to a premium rate number or using the user’s account to often make purchases using WAP billing, which also adds to the pockets of Joker’s operators.
The activity happens behind the scenes and without any input needed from the user, which means they usually won’t find out that they have been scammed until they receive a phone bill full of charges.
Google has deleted more than 1,700 apps containing Joker malware from the Play Store since 2017, but the activity keeps re-emerging, and now six other malicious apps have been discovered by researchers at cybersecurity company Pradeo.
The Six Malicious Apps Have Been Removed from the Google Play Store
Of the six apps, one called ‘Convenient Scanner 2’ has been downloaded for more than 100,000 times alone, while ‘Separate Doc Scanner’ has been downloaded by 50,000 users. Another app, ‘Safety AppLock,’ alleged to ‘protect your privacy’ and has been downloaded 10,000 times.
Two more applications have also been installed 10,000 times – ‘Push Message-Texting&SMS’ and ‘Emoji Wallpaper,’ while another one named ‘Fingertip GameBox’ has received more than 1,000 downloads.
The six apps have now been deleted from the Google Play Store after the developer has been informed by Pradeo. Users who have any of these apps on their Android mobile phones are urged to get rid of them immediately.
These malicious apps are just the latest in a long line of malign downloads that the group of attackers behind Joker, also known as Bread, have tried to sneak into the Google Play Store.