64 new variants of 'Joker' malware have invaded Android app stores

P

Polycount

Posts: 3,017   +590
Staff
In context: Malicious Android apps are nothing new, even on the supposedly well-curated Google Play Store. Indeed, just a couple of days ago, Google was forced to remove 17 Android apps that contained a malware family known as "Joker." Joker-laden apps masquerade as legitimate and may even provide useful functions to their users -- however, some time after the app has been downloaded onto a given device, its true, sinister goal is achieved.

In the case of the 17 apps mentioned before, that purpose involves swiping a users' SMS information to sign them up for premium wireless application protocol services, according to security research firm Zscaler.

However, that virus crackdown is only the latest in a longer string of similar Joker outbreaks -- similar clusters of Joker-laden apps have appeared many times over the past few years, with the first hitting Android marketplaces in late 2016.

Joker wouldn't be such a significant issue were it not for two things: the popularity of the apps it's been injected into, and its widespread deployment across not just the Google Play Store, but a variety of third-party Android app stores, some of which have even more lax security standards.

According to Zscaler, the 17 apps involved in the latest Google crackdown were downloaded a whopping 120,000 times in total. That's 120,000 potential victims, and the problem is only getting worse: new reports suggest 64 new Joker variants have already been discovered in just the past couple of weeks.

Mobile security firm Zimperium describes the "full attack chain" of Joker via the following flowchart:

First, the app "decodes" or decrypts strings to obtain and load a URL to a malicious "dex" file. Then, the dex file is downloaded from said URL, and it's loaded onto the system using "reflection techniques" that invoke the "DexClassLoader constructor." Finally, the file performs whatever malicious tasks it was developed to do, with the device owner often being none the wiser.

It will be difficult for Google to keep a handle on this massive influx of sophisticated, virus-laden apps, but we'll let you know if the problem gets worse or improves over the coming months.

In the meantime, Android should only download apps from developers they fully trust and avoid leaving unused apps on their phones without good reason.

Permalink to story.

https://www.techspot.com/news/86930-64-new-variants-joker-malware-have-invaded-android.html

 
Another day, another hundred apps removed from the Google Play Store.

And people wonder why I went with the iPhone. You can't sit there and tell me that Google with all of their millions can't afford to have a proper app vetting process because I'll call bullsh*t.
 
  • Like
Reactions: Goat11, PEnnn, Reehahs and 1 other person
trparky said:
Another day, another hundred apps removed from the Google Play Store.

And people wonder why I went with the iPhone. You can't sit there and tell me that Google with all of their millions can't afford to have a proper app vetting process because I'll call bullsh*t.
Click to expand...
Malicious stuff makes it to the App Store too. If there is a will, then there is a way. Yes, Google could do a better job checking out the apps being put on the Play Store.
 
  • Like
Reactions: Beelzebot
stewi0001 said:
Malicious stuff makes it to the App Store too.
Click to expand...
Not as many times as Google by a wide country mile. It's like every other month we hear about this crap.
stewi0001 said:
Google could do a better job checking out the apps being put on the Play Store.
Click to expand...
Yes, they could. I have no idea why, but they don't.

It's like come on Google, do you even care? Because it sure seems like they couldn't give a damn. The safety of your users are at stake here and yet they don't seem to be doing a damn thing about it.
 
  • Like
Reactions: PEnnn
Notice how Google stopped advertising Chromebooks as "impervious to viruses" about a year ago.
 
  • Like
Reactions: trparky
Mugsy said:
Notice how Google stopped advertising Chromebooks as "impervious to viruses" about a year ago.
Click to expand...
Yeah, because Chromebooks can run Android apps and well... we're talking about that reason right here in this thread.
 
Terrible news! used to be Android was safe and Windows programs were infected.
Guess the times, they are a changing....
 
lazer said:
Terrible news! used to be Android was safe and Windows programs were infected.
Guess the times, they are a changing....
Click to expand...
This is what happens when your app vetting process has been a massive failure from the beginning. And yes, I blame Google for this crap. They have the money to do it right (don't tell me that they don't!), they just choose not to.

I just don't know if it's out of malice, stupidity, or just laziness though.
 
  • Like
Reactions: Goat11
stewi0001 said:
Malicious stuff makes it to the App Store too. If there is a will, then there is a way. Yes, Google could do a better job checking out the apps being put on the Play Store.
Click to expand...
Really? Care to show us an example? Even if one or two or even 3 malicious apps made it to the AppStore, it's nothing close to the weekly or monthly malicious apps you find on Google Play Store.

I am not against Google or Pro Apple here, but Apple closed garden has proven itself to work quite well and I never have to think twice before I install an app from the App Store.

I am not an Apple fan, I hate lots of their policies and the fact they are becoming greedy by the day. But when credit is due...
 
Goat11 said:
I am not against Google or Pro Apple here, but Apple closed garden has proven itself to work quite well and I never have to think twice before I install an app from the App Store.
Click to expand...
Same here. I never have to think about if there's going to be an issue with an app, I just install it and go on my way.
Goat11 said:
I am not an Apple fan, I hate lots of their policies and the fact they are becoming greedy by the day. But when credit is due...
Click to expand...
Me too. I'm not particularly crazy about everything Apple does as well but I have to give Apple credit, their platform is a hell of a lot safer to use for the average everyday user. Let's face it, the average everyday user needs all the handholding they can get and a whole lot more.
 
  • Like
Reactions: Goat11
trparky said:
Let's face it, the average everyday user needs all the handholding they can get and a whole lot more.
Click to expand...

That's hitting the nail on the head - and a lot of people who actually need this handholding are not aware of this fact! oh well, what can you do? I'll keep using Apple as long as they prove to keep my mobile devices safe without me needing to install all sorts of tools and Anti-SOMETHING apps to keep bad things from happening to my precious data.
 
  • Like
Reactions: trparky
Goat11 said:
That's hitting the nail on the head
Click to expand...
It comes down to the fact that for most people you can't expect them to know how to keep themselves and their data safe. You can teach them about security all you want until you're blue in the face and for the most part it'll go in one ear and out the other with very little processing in between. This is why locked down ecosystems are essentially going to be the future.

Do I like it? No! I like freedom, I really do. But that kind of freedom is absolutely dangerous to 95% of the users out there.

The geeks and nerds talk about how they want open platforms and all and trust me, I want them too, however I also know that open platforms are just not compatible with the average user. Handing open platforms to the average user is like handing a grenade to a baby and hoping it doesn't pull the pin and blow itself up.
 
Last edited:
  • Like
Reactions: Goat11
Goat11 said:
Really? Care to show us an example? Even if one or two or even 3 malicious apps made it to the AppStore, it's nothing close to the weekly or monthly malicious apps you find on Google Play Store.

I am not against Google or Pro Apple here, but Apple closed garden has proven itself to work quite well and I never have to think twice before I install an app from the App Store.

I am not an Apple fan, I hate lots of their policies and the fact they are becoming greedy by the day. But when credit is due...
Click to expand...
Yes I could give you links to some but, I don't have the time for that at the moment. Yes, the media frequency for Play Store related malware is higher than the App Store. However, there is the possibility that Apple tries to minimize stuff getting out to the media. This is only a theory and very well could be wrong since Apple does likes to play "Big Brother" a lot.
 
stewi0001 said:
However, there is the possibility that Apple tries to minimize stuff getting out to the media. This is only a theory and very well could be wrong since Apple does likes to play "Big Brother" a lot.
Click to expand...
I'd buy that idea if there weren't so many people that dislike Apple. I'm sure that there's a lot of people who would love to stick it to them and publish it anyways regardless of whether it would please Apple or not.

Like it or not, Google's app vetting process just absolutely sucks, and they've got to get a handle on this crap already.
 
  • Like
Reactions: Goat11 and stewi0001
You must log in or register to reply here.

Similar threads

Daniel Sims
Class-action lawsuit accuses HP of monopolizing aftermarket ink cartridges
2
Replies
32
Views
442
pmshah
P
midian182
Samsung unveils the All-in-One Pro: A sleek alternative to the iMac with a 27-inch 4K display
Replies
10
Views
212
Bobbydpue
Bobbydpue
Daniel Sims
US Department of Justice files broad antitrust suit against Apple
2
Replies
29
Views
617
trparky
T

Latest posts

Back