'Joker' malware secretly charges Android owners' credit cards
This new Android malware may be the most twisted yet. An interesting new type of malware has been uncovered, coded within two dozen Android apps that have accumulated hundreds of thousands of downloads in the Google Play store. Android users who downloaded any of the apps embedded with this malware, dubbed “the Joker,” will need to check their credit card bills. Joker’s purpose, once deployed, is to sign up its victims to subscription services without their knowledge or consent. This new malware was first detected by CSIS Security Group malware analyst Aleksejs Kuprins, who has been monitoring the malicious code and penned a detailed analysison Joker. According to Kuprins, the malware “delivers a second stage component, which silently simulates the interaction with advertisement websites, steals the victim’s SMS messages, the contact list and device info.” Basically, any user that was infected by Joker possibly had their phone’s texts and contact list stolen, too. But the simulated interactions are where Joker gets a bit more twisted. “The automated interaction with the advertisement websites includes simulation of clicks and entering of the authorization codes for premium service subscriptions,” writes Kuprins. “For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.” According to Lifehacker, the list of apps harboring the Joker malware include Advocate Wallpaper, Age Face, Altar Message, Antivirus Security - Security Scan, Beach Camera, Board picture editing, Certain Wallpaper, Climate SMS, Collate Face Scanner, Cute Camera, Dazzle Wallpaper, Declare Message, Display Camera, Great VPN, Humour Camera, Ignite Clean, Leaf Face Scanner, Mini Camera, Print Plant scan, Rapid Face Scanner, Reward Clean, Ruddy SMS, Soby Camera, and Spark Wallpaper. Kuprins says that in total, the 24 apps racked up more than 472,000 downloads in the Google Play store. The apps have since been removed. If a user has any of those apps on their phone, they should be deleted. According to the report, the current iteration of Joker malware campaign appears to go back as far as June of this year. Kuprins notes that Google removed the apps before his security firm reached out to the company, so it appears that the tech giant has been monitoring the situation as well. Malwarehas longbeen a problemplaguing Android devices. Facebook has even gone so far as to file a lawsuitlast month against one developer, whose malware-ridden Android app engaged in click fraud on the social media company’s ad network. While other recent Android-targeted malware campaigns have had broaderreach, such as “Agent Smith,”which has infected 25 million devices, Joker’s automated subscription attack certainly makes it among the more interesting.
Featured Video For You
The computer worm that changed the world
相关推荐
-
Klarna CEO reveals plan to reduce workforce by 50% and replace it with AI
-
Over 500 draw lots to attend Park's first hearing
-
Philippines vow to 'crash the party' against N Zealand
-
从致富带头人到编外团委副书记
-
AirPods Pro 3 and AirPods 4 may get revealed at the Apple September event
-
Challenges plague Pakistan women's football
- 最近发表
-
- 18 Places for Epic Outdoor Adventure Across Colorado
- Bayern buoyant over Kane deal
- Golf tours drop no
- Challenges plague Pakistan women's football
- PS5 Pro: It looks like a sketch of the design just leaked
- New Zealand eye knockout places
- Uh, you should really update Firefox. Like, right now.
- Facebook is down and everyone across the globe is freaking out
- We Cannot Live Without Cryptography!
- Challenges plague Pakistan women's football
- 随机阅读
-
- Ford can make your Mustang Mach
- PSG say Saudi's Al Hilal can talk to Mbappe
- Ring hit with class action lawsuit for 'failure to take basic security precautions'
- A small robot is here to help after a mishap at a major nuclear waste site
- Prime exclusive deal: $50 off Govee floor lamp
- [Breaking] NK's missile flew about 500 kilometers: S. Korea's JCS
- Snapchat's constant evolution shows it won't let itself be crushed by Facebook
- Marquinhos hopes for solution to Mbappe dispute
- [LLG] When compassion meets law: Lawyer defends goats, dogs, other helpless animals
- Messi makes magical start to Miami
- Twitter will test reply limiting feature to beat back trolls
- 雨城区地税局四项措施贯彻落实《廉政准则》
- 海丰芥蓝入选全国名特优新农产品名录
- 'World watching' as Djokovic faces Alcaraz
- What to do if your dog doesn't like other dogs or strangers
- 劣质低价厂商遭淘汰,速冻丸子行业迎来大洗牌
- Project 2025 Comstock Act: Trump’s new abortion comment exposed.
- Don’t believe that ‘James Comey’ pee tape tweet
- Bayern buoyant over Kane deal
- 9 things we learned from MrBeast's Rolling Stone cover story
- 搜索
-
- 友情链接
-