Quick Heal detects 8 new apps infected by Joker spyware on Play Store

New Delhi: Cybersecurity firm Quick Heal Technologies Ltd on Thursday said that it has detected a new batch of 8 Joker malware-laced apps with a cumulative download count of 50,000 on Google Play Store.

These include Auxiliary Message, Fast Magic SMS, Free CamScanner, Super Message, Element Scanner, Go Messages, Travel Wallpapers, and Super SMS.

Joker steals users’ data by simulating interaction with ads and subscribing them to paid premium services without their knowledge, the company said in a statement.

The company said it informed Google about these apps and got them removed from the Play Store to ensure safety for Android users.

According to Quick Heal researchers, Joker is a highly innovative threat that simulates interaction with ads without users’ knowledge and steals their data, including SMS, contact list, device info, OTPs and more.

Once Joker has access to all that information, it subscribes victims to paid premium services. Victims end up losing money and in most cases, they have no idea about it.

At launch, the infected app asks for notification access and then works as a document scanner without showing any visible malicious activity.

In the background though, it downloads two payloads, which infect the device and steal sensitive user information.

It is advised that before installing any new app, users check the download count and read reviews carefully. Doing so will help them discover potentially malicious intent. They can also check the developer’s website if there is any link provided.

Additionally, they must carefully review the permissions being requested by the app and evaluate if those permissions are indeed needed for the app’s functionality. When in doubt, deny the permissions, the report said.