The Joker malware has reappeared on the scene, this time hiding in 16 apps within the Google Play store. As a reminder, this form of malware can avoid detection by Google's security systems by delaying its malicious intent, and will only show up fraudulently later. Once installed via an infected app, it helps to load more malware onto the device that will sign the user up to premium (i.e. paid) WAP (Wireless Application Protocol) services without their knowledge and permission.
According to security company ZScaler, whose ThreatLabZ research team discovered a new batch of apps with this malware and has been monitoring it for some time, Joker can also help criminals steal SMS messages, contact lists and informace relating to the user's device. According to her findings, 16 fraudulent applications were installed on roughly 120 people androiddevices. Google has already removed them from the store, but it cannot delete them from the phone - that is up to the users who installed them.
Specifically, these applications are: All Good PDF Scanner, Blue Scanner, Care Message, Desire Translate, Direct Messenger, Hummingbird PDF Converter – Photo to PDF, Meticulous Scanner, Mint Leaf Message-Your Private Message, One Sentence Translator – Multifunctional Translator, Paper Doc Scanner, Part Message, Private SMS, Style Photo Collage, Talent Photo Editor – Blur focus, Tangram App Lock and Unique Keyboard – Fancy Fonts & Free Emoticons.
To get past Google's security systems, criminals copy the functionality of a legitimate app and upload it to Google Play. Initially, the application will work without problems, but after a few hours to days, additional components will be added to it and malicious activities will begin to take place in it.
