Joker Spotted on Google Play Store

Joker Spotted on Google Play Store
Joker Spotted on Google Play Store | Image credits: Cybersafe News

Despite the fact that Google has deleted applications containing the Joker malware from the Google Play Store, a large number of Android users are still vulnerable. In order to avoid detection, variants of this virus are constantly developing new methods of evading detection by making minor code changes or altering the way they communicate payload data.

In recent days, a number of new Joker samples have been discovered in the Google Play store, only to be withdrawn shortly thereafter. Text Emoji Messages, Teddy love wallpapers, Unique Heart Rate Monitor, Time Zone Camera, PDF Scanner Master, Free Secret Message, Free Super Scanner, Free Writing Message, All Document Scanner, Clean Wallpaper, Free BP Recorder, Color Call Flash- Call Screen, Free Document Scanner, Free Chat SMS are among the infected apps.

The latest strain of joker malware has learned to load dex files incrementally, which is a new tactic for this malware. To determine this, cybersecurity experts at K7 Security Labs examined the sample and found that, unlike previous versions of Joker, the new strain does not define the class name of a service in the AndroidManifest.xml file in the classes.dex file in the root folder of the APK.

After the victim installs the malware package, the virus receives the main malicious payload, which is responsible for the malware and all its additional malicious functions.

What you should do to protect yourself from malicious Android apps

  • Protect your device and data by using a reliable security solution and keeping it updated to scan all downloaded apps, regardless of their source.
  • Read user reviews carefully before installing apps.
  • Always use only the Official Application Store to download apps.