What is Joker Malware? How to avoid it

What is Joker Malware? How to avoid it

What is Joker Malware? How to avoid it

 Joker malware is another threat to your privacy and sensitive information. Recently the malware hit Android mobile devices worldwide, which led to the removal of several apps from the Google Play Store.

This malware is absolutely no joke. If you want to keep your device safe, you should know what Joker malware is, and how it works.

What is Joker Malware

This malware is called “Joker” for a reason, it hides behind an app that seems genuine and preys on unknowing users. You may also have seen Joker malware called Bread, which are both synonymous.

Google first encountered this threat in 2017, and it is still an ongoing problem. The hackers behind the Joker malware threat are constantly finding ways to manipulate Google Play Store security flaws, so that disguised malware goes undetected.

Joker's authors have several methods to get their infected app to bypass the security protocols on the Play Store. In fact, they create a malware-free version of the app, upload it to the Google Play Store, and then install the malware on your device by calling it an “app update”.

When you install an app infected with Joker malware, it signs up for a paid subscription without your permission. To make matters worse, this malware can also reach your contacts, SMS messages, and your device information. It's hard to get your money back after falling victim to this scam, so it's important to prevent infection before it even happens.

How Does Joker Malware Work?

Applications infected with Joker malware do not openly ask for your personal information. This malware is much sneakier than that, making it even harder to notice when you've been a victim.

The first kind of Joker malware relied on SMS scams. By sending SMS messages to premium numbers from your mobile, this malware will register you for subscriptions or make payments without your knowledge. Because these premium services and subscription plans often partner with mobile carriers, you will usually see these unwanted charges on your cell phone bill.

In early 2019, Google tightened restrictions on apps that ask to access your Call Logs or SMS. Thanks to this policy change, many Joker-infected apps were caught, and then removed from the Play Store. Google Play Protect's implementation also helps keep Android devices safe.

Despite Google's efforts, the Joker malware persists. Research by Check Point has uncovered a new strain of Joker malware that is just as sneaky as the last. Instead of engaging in SMS scams, it now uses the old tricks usually found in Windows malware.

Once on your device, Joker malware downloads an executable DEX file from a command-and-control server. This code is used to discreetly sign you up for a premium subscription. It then proceeds to prevent the subscription confirmation notification from showing up on your phone.

To do this, Joker malware takes advantage of Notification Listener, an Android feature that gives apps access to your device's notifications. The malware hijacks Notification Listener, allowing it to interrupt your push notifications.

The latest version of the Joker malware managed to bypass Google's security using this clever technique. According to Check Point, “the new version now hides malicious DEX files inside the app as Base64 encoded strings, ready to be decoded and loaded.”

This means when the app is placed on the Play Store, there will be no sign of malware. But when the user actually downloads the application, the malware will automatically work.

How to Protect Against Joker Malware

Google recently removed 11 apps from the Play Store that contained the Joker malware. If you have any of the following apps, uninstall them immediately:

* Compress Image (com.imagecompress.android)

* Contact Message (com. contact. with me. texts)

* Friend SMS (com.hmvoice.friendsms)

* Relaxation Message (com.relax.relaxation.androidsms)

* Cheery Message – listed two times (com.cheery.message.sendsms)

* Loving Message (com. peason. loving love message)

* File Recovery (com.file.recoverfiles)

* App Locker (com. LPlocker. lockapps)

* Remind Alarm (com. remindme. alarm)

* Memory Game (com. training. memorygame)

While most of these malicious apps work as alternative messaging apps, others include image compressors, alarm reminders, wallpaper apps, and more. If any of these apps sound familiar to you, check your cellphone and credit card bills. Every transaction or subscription that looks sketchy can be a sign that your smartphone is infected with the Joker malware.

Joker Malware Apps

Since apps infected with Joker look legitimate from the outside, you should take extra precautions when downloading apps. The photo above is an example of an app infected with Joker malware, looks pretty legit, doesn't it? That's why you have to be careful when downloading an application.

You should also keep in mind that many applications infected with Joker malware have fake user reviews on the Play Store. These positive reviews build trust, and also persuade you to download the app.

Luckily, it's pretty easy to spot fake reviews once you know what to look for. If you see duplicate reviews under the app, they are likely fake. The same goes for general reviews that don't name the app.

Apart from knowing how to identify unsafe apps on the Play Store, you can also protect yourself by installing reliable security apps on your device. You might not think you need an antivirus app on your Android, but it can definitely come in handy when trying to protect against Joker malware or other malware.

What is the Future of Joker Malware?

Even though Google managed to log more than 1,700 apps infected with Joker malware in January 2020, and then removed the 11 apps listed above, that doesn't mean we're completely safe. Joker malware is still out there, and will likely be there for a while. It is constantly adapting to the Play Store security policies, which means it will continue to evolve over time.

Does this mean that some of the apps in the Play Store currently hide the Joker malware? Unfortunately, some apps may have passed security protocols correctly. So here you have to be careful when downloading an application.

________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ ________

So many articles What is Joker Malware? How to avoid it. Look forward to other interesting articles and don't forget to share this article with your friends. Thank you…

Resa Risyan

Just an ordinary person who wants to share a little knowledge, hopefully the knowledge I provide can be useful for all of us. Keep in mind! Useful knowledge is an investment in the afterlife.

Also, read the article about What Is The Linux Kernel And How To Check The Version?. And see you in another article. Bye
Read Also :
DotyCat - Teaching is Our Passion