Especially applications that do not suggest anything bad and are also aimed at a broad mass are particularly attractive for criminals. They make it possible to exploit as many people as possible in any form at the same time, completely unnoticed. Because of such Android app experts from Pradeo, a company for mobile security solutions, are sounding the alarm.
Delete Android app: It is infected with the Joker malware
The focus of the warning is the Android app “Color Message”, which has already been downloaded more than 500,000 from the Google Play Store. It is currently no longer available there, but anyone who already has it on their cell phone should “delete it immediately to avoid fraudulent activity,” says Pradeo’s blog entry.
color message
- Google Play: https://play.google.com/store/apps/details?id=com.guo.smscolor.amessage
- Package: com.guo.smscolor.amessage
- Version 1.3
- 500,000+ downloads
ZDNET also reported back in December that the Android app only serves as a facade. In fact, she is familiar with the Joker malware shifted. This secretly forces users of Android devices to subscribe to a fee in order to divert amounts of money from their accounts unnoticed.
Last known cases a few weeks ago: 7 more Android apps to delete
On the other hand, as the portal Phone Arena reported in November, but also other media beforehand, a few other, rather harmless-looking applications can lead to financial damage from the Joker malware. So, in addition to the above, you should also delete the following Android appsif you use it on your phone:
Previously known Android apps infected with the Joker malware:
- Auxiliary Message
- Battery Charging Animations Battery Wallpaper
- Classic Emoji Keyboard
- Dazzling Keyboard
- Element scanners
- EmojiOne Keyboard
- Fast Magic SMS
- Free CamScanner
- Go Messages
- Now QR code scan
- Super hero effect
- great message
- Great SMS
- Travel Wallpapers
- Volume Booster Louder Sound Equalizer
Such incidents have been reported regularly for years. Deleting the affected Android apps is therefore highly recommended.
Last year showed just how dangerous the phenomenon has become. At that time, the police in Belgium issued an official statement (French) on August 20, 2021: “The malicious program was detected in eight Play Store applications that Google sorted out.” Anyone using them should have the corresponding Android Delete apps. Officials warn “you risk one big surprise in their bank account at the end of the month or your credit card”.
The first Joker incidents occurred in 2017
The Joker malware became known in 2017. Since then, Google has had around 1,700 Android apps deleted from the Play Store, as reported by Entrepreneur. Since then, security experts have repeatedly reported incidents involving the banking malware.
In 2020, Check Point’s cybersecurity experts drew attention to four affected applications. The new version of the Joker malware that was discovered at the time was spyware that hides itself in inconspicuous applications and can download additional programs onto the infected device. These, in turn, secretly register users for premium services without their consent, as in the current case.
The Android apps mentioned, whose deletion was also recommended, included services for simple tasks such as wallpaper design and compass guidance. Camera and photo apps are also featured again and again.
Also look out for these Android apps:
- Compass (hook)
- Flowery Photo Editor (Castle Rock)
- Homely Wallpaper (Mary Hickey)
- Landscaper Camera (Lonnie Carlson)
What is the Joker malware?
Behind the general term malware is a software defined as “malicious”. This was specially developed for the purpose of infiltrating devices without the knowledge of users. There are many types, each of which works differently. However, all variants have two characteristics in common: They actively work against your interests and act insidiously in the process.
Examples of malware categorized as adware, spyware, viruses, botnets, Trojans, worms, rootkits and ransomware. In addition, such malware can attack not only PCs, but also Macs and mobile devices.
In the case of the Joker banking malware is a malicious code that hides in Android applications. These are then placed in Google’s Play Store without Joker being discovered. That alone is enough for the malware to cause damage. The aim is to do so without the knowledge and consent of the users financial damage to prepare.
How do you completely delete an infected Android app?
The good news: A quick check quickly shows that the applications mentioned are no longer available in the (German) Google Play Store. Of course, it can also be the case that you have already installed the programs.
If so, follow the necessary steps to delete the Android apps completely. Since the process is simple and takes just a few minutes, there’s no reason not to.
You can do this to protect yourself beforehand
Before it even gets to that point, there are preventive measures you can take for lasting protection. According to Check Point, it may be helpful to install a security solution on your device.
The experts also recommend checking your credit card statement or bank account for payments to premium services. If you notice anything unusual, this can be an indication of defective apps.
Beware of these Android apps too: deleting them can help
Only recently was a message published about the Android app Weather Home. This can take over your entire mobile phone. However, several other media have already reported on Android apps that can steal your Facebook login data. In this case, there are nine specimens obtained by cybersecurity firm Dr. Web discovered and reported to Google.
The company has already removed them from the Play Store, but they can still cause damage on smartphones if they are already installed. Some of the programs identified by the security experts have already been downloaded millions of times.
Reports from April about several Android apps, which were even able to steal bank data through malware, show how regularly cases of this kind occur. But even on the computer you are not safe from defective software. Do you still need a good antivirus program for your PC? A recent test shows which ones are worthwhile.
Sources: Pradeo, ZDNet, Police Belgium, Entrepreneur, Check Point, Google Play Store, Phone Arena