Joker malware-laced Color Message app detected on Google Play Store

Joker malware is the most notorious for its capability to bypass the toughest security screening around the world. In the latest instance, the popular SMS app Color Message has been found hosting Joker malware.

Security experts at Pradeo have reported that Color Message has been installed on more than 500,000 Android phones. It has a variant of Joker malware categorized as 'Fleeceware'.

The Color Message app looks benign and offers a visually good user interface, but it is capable of doing unauthorised clicks on phone and also track and opening and track messages to subscribe to premium services without the proper permission from the phone owner.

It is also good at avoiding detection and hiding footprint (activities), notorious traits of Joker malware.

"Our analysis of the Color Message application through the Pradeo Security engine shows that it accesses users’ contact list and exfiltrates it over the network. Simultaneously, the application automatically subscribes to unwanted paid services unbeknownst to users. To make it difficult to be removed, the application has the capability to hide its icon once installed," noted the Pradeo security expert team.

As of now, Google has removed the Color Message app from the Play Store. But, the device owners who are still using the app are advised to uninstall it immediately.

Also, it is good practice to keep a tab on any new app you install on your phone. Furthermore, before downloading any app from Play Store, make it a habit to read the user reviews below. There will certainly have tell-tale signs that the app is not trustworthy.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.