The Joker (Bread) malware is one of the most persistent malware that Google has dealt with.
The 17 apps that have been removed include scanning apps, messaging apps, a Multi-functional Translator and more.
The apps were downloaded 120,000 times before being detected.
Power New Possibilities | Dell PCs starting at Rs.35,990*
Click here to know moreAdvertisements
Google has removed 17 apps from the Google Play Store for being infected by the Joker (Bread) malware. This is one of the most persistent malware we have seen on Google’s mobile OS and the company has been dealing with it since 2017. In that time, Google has removed more than 1700 apps that have been plagued by the Joker malware. These 17 apps were downloaded 120,000 times before being detected. The list of 17 apps is as follows.
According to Zscaler security, “This spyware is designed to steal SMS messages, contact lists, and device information along with silently signing up the victim for premium wireless application protocol (WAP) services”. In July 2020 and in September 2019, we saw the Joker malware make headlines.
The malware uses a method called “Droppers” to infect the device. The process has multiple stages. According to Bleeping Computer, “Malware authors have realized in the past years that Google has a very hard time picking up "droppers" hidden in legitimate apps. For the past years, more and more malware operations have adopted this trick of splitting their code in two —a dropper and the actual malware. The reason is that droppers require a smaller number of permissions and exhibit limited behaviour that could be classified as malicious. Furthermore, adding timers that delay the execution of any malicious code with a few hours also helps the malware remain undetected during Google's scans. These simple tricks allow tiny pieces of malicious code to slip inside the Play Store hidden in all sorts of apps, of many categories. Once users run the apps, which in most cases do what they advertise, the malicious code executes, the droppers asks for various permissions, and if it gets them, then it downloads a far more potent malware”.
Put simply, the delay in the malware acting on the user’s system hides it from the security eyes of Google. When the app asks for permissions, and the user gives it, is when the malware start to infect the device. This is why you must be very careful when giving certain apps permissions they don't need. For example, there is no need for a torch app to ask for permission to see the contacts or the dialer or the messages and hence such permissions must be denied.
Sameer Mitha lives for gaming and technology is his muse. When he isn’t busy playing with gadgets or video games he delves into the world of fantasy novels.
Popular Mobile PhonesView All
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.