The ‘Joker’ virus is hidden in various apps in the Google Play Store and the user does not notice until they empty their bank accounts. See how this malware operates and what the dangerous applications are.
August 23, 2021
5 min reading
The Belgian Police alerted on the ‘Joker’ virus return, Which attacks teams Android and is hidden in several applications of Google Play Store. Is malicious software is able to subscribe the user to payment services without their authorization and empty your bank accounts without him noticing.
“This malicious program has been detected in eight Play Store apps that Google has deleted”, Say the Belgian authorities in a statement published this Friday on its website.
the malicious software“Joker” he became famous in 2017 for entrusting and stealing from his victims by hiding in different apps. Since then, defense systems Google Play Store have been removed around 1,700 applications with the malicious software “Joker” before they were downloaded by users.
In September 2020 the “Joker” virus a 24 applications for Android which recorded more than 500 thousand downloads before being removed. It is estimated that this time it affected more than 30 countries including the United States, Brazil and Spain. Through unauthorized subscriptions, the hackers they could steal weekly up to $ 7 (About 140 Mexican pesos) per subscription, a figure that has most likely increased in recent months.
How does the Joker virus work on Android apps?
the Joker Trojan virus belongs to a family of malwares known as Pa, The goal is hack cell phone bills i authorize operations without consent of the user.
Researchers from the cybersecurity company Quick Heal Security Lab, quoted in the statement, explain that this virus can enter text messages, the contacts i other smartphone information infected.
What makes this malware more dangerous is its ability to subscribe to the affected Android user for payment services, Usually Premium or the most expensive version, without your prior authorization.
In its infancy, apps infected with “Joker” or another malicious software of this family performed the fraud via SMS, But then they began to attack the pay online. These two techniques take advantage of the integration of telephone operators with vendors, to facilitate the payment for services with the mobile phone bill. Both request verification of the device, but not the user, so they can automate payments without requiring any user interaction.
#PersonalFinance The excess of streaming platforms, apps, online services and others, make a hole in your portfolio. See how to do a subscription ‘detox’ to have a healthier monthly budget and take care of your money. https://t.co/8hX4qDIY3P
– Entrepreneur in Spanish (@SoyEntrepreneur) August 23, 2021
“You risk a big surprise at the end of the month in your bank account or on your credit card”, Pointed out the Belgian police, in reference to the unknown charges who will see the victim at the end of the month.
In fact, it is very common for those affected by “Joker” they notice the theft until they check their account statement in detail. This is because the bank does not suspect a seemingly ‘normal’ subscription and the charges are usually so small that they do not detect them as unusual movements, so they don’t even send a usage alert to the account holder.
In which Android apps could the ‘Joker’ virus be?
On this occasion, harmful applications that Google Play Store removed after detecting that they contained the “Joker” virus son:
- Auxiliary message
- Element Scanner
- Fast magic SMS
- Free CamScanner
- Go messages
- Super message
- Super SMS
- Travel wallpaper
However, other experts warn that they are more the affected applications and therefore millions of users who do not know that they are already victims of this cyberfraud.
The cybersecurity company Zscaler, cited by La Razón, made public the names of 16 other apps that, according to its analysis, also contain this malicious code:
- Private SMS
- Hummingbird PDF Converter – Photo to PDF
- Photo collage style
- Talent Photo Editor: Blur
- Paper Doc Scanner
- Quite a good PDF scanner
- Message of care
- Partial message
- Blue scanner
- Direct messaging
- One Sentence Translator: multifunctional translator
- Mint Leaf Message: Your private message
- Unique keyboard: deluxe fonts and free emoticons
- Tangram application blocking
- Desire Translate
- Meticulous scanner
Of course, the recommendation for Andriod users is to check if they have any of these apps installed on their smartphone and remove them immediately, as being deleted from the Google Play Store does not imply uninstallation. automatic on the computers where they were downloaded.
