Get Rid Of These Apps With Over 300,000 Installs Google Just Launched The Play Store To Be Dangerous

Although the Google Play Store is supposed to be a safe source for app downloads, bad actors are getting smarter every day and finding new ways to evade the measures designed to keep them out.
The research team at cloud security firm Zscaler ThreatLabz discovered many apps on the Play Store that were associated with Joker, Face thief, and Coper malware families. The Google Android Security team removed them, so if you have downloaded any on your Android phone, you should delete them immediately.

Android Joker Apps Removed From Google Play Store

Joker was first discovered in 2019 and we’ve seen many variants of this spyware that stealthily subscribes people to premium services and steals text messages, contact lists, and device information, among other things. It continues to find its way to the Play Store by regularly changing its trace signatures. In the past two months, the following Joker apps were found on the official Google app store.

  1. Simple note scanner
  2. Universal PDF scanner
  3. Private messenger
  4. Premium SMS
  5. Smart Posts
  6. Text Emoji SMS
  7. blood pressure checker
  8. funny keyboard
  9. Memory silent camera
  10. Custom theme keyboard
  11. Light messages
  12. Photo Keyboard Themes
  13. Send a text message
  14. Messenger Chat Themes
  15. Instant messaging
  16. Nice keyboard
  17. Emoji Keyboard Fonts
  18. Mini PDF scanner
  19. smart texting
  20. Creative Emoji Keyboard
  21. fancy sms
  22. Emoji Keyboard Fonts
  23. Personal message
  24. funny emoji message
  25. Magic photo editor
  26. Professional messages
  27. All photo translators
  28. text chat
  29. Smile Emoji
  30. Wow Translator
  31. Translate all languages
  32. cool posts
  33. blood pressure diary
  34. SMS Text Chat
  35. Hi Text SMS
  36. Emoji theme keyboard
  37. iMessenger
  38. SMS text
  39. camera translator
  40. Come Messages
  41. Painting photo editor
  42. Rich thematic message
  43. Quick chat message
  44. Advanced SMS
  45. professional courier
  46. Classic game messenger
  47. style post
  48. Private game messages
  49. Timestamp camera
  50. social post
A total of over 50 Joker download apps have been found on the Play Store by ThreatLabz so far with a combined download count of over 300,000. They generally fall into the Communication, Health, Personalization, Photography, and Tools categories.

The mode of attack is that many applications are released together and hide malicious payload within them. Joker malware often hides in messaging apps that require you to grant enhanced access permissions. It then uses these permissions to achieve its goals. For example, in the Enjoy SMS app, the payload is hidden in an obfuscated path.

Facestealer Malware

The Facestealer malware is used to steal Facebook IDs with fake login screens. One of the applications encountered by ThreatLabz was cam.vanilla.snapp and it has been downloaded over 5,000 times.

Coper Trojan

This banking trojan uses a multi-step chain of infection to compromise Android smartphones and perform harmful activities. It targets banking applications in Europe, Australia and South America. They are disguised as legitimate applications and once a user downloads them from the Google Play Store, they release the malicious infection that is capable of intercepting and sending SMS messages, logging keystrokes, locking and unlock screens, prevent uninstalls and allow bad actors to take control of infected phones. This ultimately leads perpetrators to access the information they need to steal their money from victims.

For example, an app called Unicc QR Scanner prompts users to update the app as soon as it is installed. After that, a backdoor or malware gets installed in the device to help the attacker take full control of the phone.

Such applications continue to appear on the Play Store and even Apple’s App Store, so it’s best to be vigilant and only install apps from trusted developers that have been downloaded multiple times. To be sure, you should also check the reviews posted on the apps.
It is recommended not to install messaging applications. You should also avoid granting a notification listener and increased accessibility permissions to apps that seem dodgy.

Comments are closed.