Google takes down Joker trojan-laced 24 Android apps

Google's Android OS  is the most popular mobile platform in the world and also most exploited by the cybercriminals to prey on millions of naive users. Despite the stringent measures to keep a check on malware, some intelligent bad actors sneak in their shady apps to the Play store.

In the latest development, CSIS Security Group has detected a trojan dubbed as the 'Joker' in 24  Android apps, which have been installed on more than 472,000 mobiles across wide geography of the globe.

The Joker Trojan: Is there a reason to be worried?
If Copenhagen-based security experts have to be believed, the Joker-laced apps perform illegal actions such as simulation of ad clicks and go on to authorise premium subscription, read all the SMSs, steal device info and contact information without mobile owner's permission.

The hackers have particularly targeted users in 37 countries including India, China, Australia, Austria, Belgium, Brazil, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and United States.

Also read | Avast, French cybercrime police neutralise PC malware

It can be noted that once the Joker trojan detects the phone is in the US or in Canada, it becomes dormant to avoid detection. Also, the bad actors have used very Java codes so that there will be less footprint for the security experts to trace the origin. The user-interface of Command and Control (C&C) server panel and the bot's code comments are said to be written in Chinese, hinting it may be the handiwork of hackers in China.

The stealthy behaviour of Joker trojan raises serious concerns as the ad clicking simulation causes battery draining and lead to bad user-experience on Android phone. Illegal premium subscription causes financial loss to the user. 

By reading SMS, contact list and device, the apps have violated user privacy clause. 

Taking cognizance of the severity of the issue, Google has removed all the Joker trojan-laced 24 Android apps from Play store.


Joker trojan target countries (Photo Credit: CSIS Security Group)

"We recommend paying close attention to the permission list in the apps that you install on your Android device. Obviously, there usually isn’t a clear description of why a certain app needs a particular permission, which means that whenever you are downloading any app — you are still relying on your gut feeling to some extent," Aleksejs Kuprins, CSIS Security Group, said.

Here's How to safeguard your PC or mobile phone from adware and other malicious threats:
1) Whether you have an Android mobile or iOS-based iPhone or  Windows-powered PCs or Mac computer, always stay updated with the latest software. All Google, Microsoft, and Apple send regularly send firmware — especially security patches monthly or on a priority basis, whenever they detect threats. So, make sure you install the latest software.
2) Another good practice is to install a premium Antivirus software, which offers 24x7 protection. They are equipped to detect threats quickly whenever you unknowingly visit a shady website
3) Never ever open emails or SMS and click URL links sent from unknown senders 
4) Also, never install apps or software from unfamiliar publishers. 
5) Always download apps from Google Play or Apple App Store or Windows Store only. Never install from any third-party app store.

Get the latest news on new launches, gadget reviews, apps and more on personal technology only on DH Tech.

DH Newsletter Privacy Policy Get the top news in your inbox
GET IT
Comments (+)