Google and Joker have a long story of fight and defense. Google had fought in this arena for three years. A few weeks earlier, the world’s most loved and used search engine and Android system developer had shared details about its three-year-long ‘fight’ with ‘Joker’ malware. To some extent, the fight is over but joker malware attacks android smartphone users again.
The Joker malware first appeared in 2017, is one of the most persistent threats that the company dealt with. With all the precautionary measures and defense systems in place, joker malware attacks android smartphone users again. This makes Google right by terming this as the most persistent threat to its security.
The Check Point Report
The security firm Check Point revealed in a report the malware is the new variant of Joker Dropper and Premium Dialer spyware in Google Play. The spyware landed on smartphones Android app store by using an old technique from the conventional PC threat landscape and used it in the mobile app world to avoid detection.
Joker, dangerous spyware, comes with seemingly legitimate Android apps. The report said the ‘updated version of Joker’ had been ‘able to download additional malware to the device’. This has made spyware one of the most persistent threats on Android devices security.
The report claims this malware attacks Android smartphone security and automatically ‘subscribes the user to premium services without their knowledge or consent’. Google had already termed these malicious apps as large-scale billing fraud family.
Where it was found? The apps were removed?
The report highlighted 11 apps that are legitimate apps but were infected with this malware. after being detected with Joker malware, the apps have been removed from the App store, report claims.
Aviran Hazum, Manager of Mobile Research for Check Point spoke about Joker malware after the report. He said the malware is ‘found it hiding in the “essential information” file every Android application is required to have’.
Every Android app has to fulfill some requirements before making its way to the App Store. These files, by large, remains the same with all the apps and are considered an essential part. Because these files are highly important, they are thoroughly maintained. A breach here means a serious threat.
Google Play Security system is insufficient
The security firm has claimed, “Google Play Store protections are not enough”. Moreover, the firm detected ‘numerous cases of Joker’ uploads on a weekly basis to Google Play’. All these were uploaded by legitimate users with no suspicion.
Google’s investment in adding Play Store protections is not enough to detect tricky Joker malware.
All the 11 infected apps which were revealed by the report by Check Point have been removed, successfully. This action was taken by the search giant in April. Hazum said, “Google removed the malicious apps from the Play Store” as had been mentioned in the report. Experts say Joker malware can breach android smartphone users again. Everyone should understand what Joker is and its consequences.
