Cybersecurity firm Quick Heal Technologies said that it detected a new batch of 8 Joker malware-laced apps with a cumulative download count of 50,000 on Google Play Store.
These include Auxiliary Message, Fast Magic SMS, Free CamScanner, Super Message, Element Scanner, Go Messages, Travel Wallpapers, and Super SMS.
Joker steals users’ data by simulating interaction with ads and subscribing them to paid premium services without their knowledge.
The company informed Google about these apps and got them removed from the Play Store to ensure safety for Android users.
According to Quick Heal researchers, Joker is a highly innovative threat that simulates interaction with ads without users’ knowledge and steals their data, including SMS, contact list, device info, OTPs and more.
Once Joker has access to all that information, it subscribes victims to paid premium services. Victims end up losing money and in most cases, they have no idea about it.
At launch, the infected app asks for notification access and then works as a document scanner without showing any visible malicious activity.
In the background though, it downloads two payloads, which infect the device and steal sensitive user information.