1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Joker malware that signs victims up to premium subscription services discovered in 24...

By midian182 · 12 replies
Sep 10, 2019
Post New Reply
  1. CSIS Security Group analyst Aleksejs Kuprins made the discovery, which he wrote about in a Medium post. Joker surreptitiously signs its victims up to premium subscription services by simulating the sign-up process. It also steals SMS messages, contact lists, and device information.

    Kuprins explains that “the automated interaction with the advertisement websites includes simulation of clicks and entering of the authorization codes for premium service subscriptions.”

    “This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”

    The malware potentially targets users in 37 countries, including the US and UK. For most of the apps, the victim has to be using a SIM card from one of the countries to receive the second-stage payload.

    Google has now removed all of the infected apps from its store— you can see the full list below. If you were one of the nearly half-a-million people to download any of them, checking your bank/credit card statement for any suspicious transactions is advised.

    Malware-riddled apps on the Play Store is far from a new phenomenon. Last month, CamScanner, a PDF maker with over 100 million downloads, was discovered to contain a Trojan Dropper.

    Full list of apps infected with Joker Malware:

    • Advocate Wallpaper
    • Age Face
    • Altar Message
    • Antivirus Security – Security Scan
    • Beach Camera
    • Board picture editing
    • Certain Wallpaper
    • Climate SMS
    • Collate Face Scanner
    • Cute Camera
    • Dazzle Wallpaper
    • Declare Message
    • Display Camera
    • Great VPN
    • Humour Camera
    • Ignite Clean
    • Leaf Face Scanner
    • Mini Camera
    • Print Plant scan
    • Rapid Face Scanner
    • Reward Clean
    • Ruddy SMS
    • Soby Camera
    • Spark Wallpaper

    Permalink to story.

     
  2. VitalyT

    VitalyT Russ-Puss Posts: 4,612   +3,222

    From the state of things, the entire Android is a Trojan, as it lets those things spread without control.

    I think we need a new Mobile OS, one that would value security and privacy above all. Android clearly has failed, as a platform.
     
  3. captaincranky

    captaincranky TechSpot Addict Posts: 15,183   +4,128

    FWIW, "Beach Camera" and many other camera dealers have, (IMO of course), somewhat questionable business practices from the jump, let alone with malware on their sites.

    Again FWIW, and IMO, the only places worth doing business with are Adorama Camera, and B & H Photo Video, both of whom have toll free numbers, which I always utilize, instead of ordering directly off the web.
     
  4. trparky

    trparky TS Evangelist Posts: 591   +502

    It's because Google ain't doing their jobs! They're not vetting the apps properly before letting them onto the Play Store. You don't hear of the same kind of app issues with the Apple App Store. What is Apple doing right in this situation?
     
    Alexmx, VitalyT and loki1944 like this.
  5. Ravalo

    Ravalo TS Member Posts: 89   +24

    *we live in a society memes intensify*
     
  6. loki1944

    loki1944 TS Maniac Posts: 227   +147

    I'm done with Android. The sloppiness of the platform is unacceptable at this point. If Google doesn't want to make the effort to make a reasonably secure platform like apple, then apple will get my money.
     
    trparky likes this.
  7. trparky

    trparky TS Evangelist Posts: 591   +502

    And I'd have to agree with you. If Google doesn't want to put the money where their mouth is and cultivate a more secure platform then eventually Android will become the same virus-ridden cesspool that people bash Windows for being. People bash Microsoft all the time for Windows being an insecure pile of hot garbage and for being a virus-ridden cesspool yet when we talk about how Android is essentially becoming just as bad, oh wait... somehow there's a double standard.

    No, I don't accept double standards. If Microsoft and Windows are bashed for being insecure than Android needs to be as well. There's no room for double standards, either hold both companies (and their platforms) responsible for being insecure or you don't; there's no room for playing favorites.

    I do have to love the tech community though, the amount of hypocrisy that flows forth from the tech community could drown a small town.
     
    loki1944 likes this.
  8. Capaill

    Capaill TS Evangelist Posts: 949   +525

    Android is open source.
     
  9. trparky

    trparky TS Evangelist Posts: 591   +502

    But the Play Store isn't open source, Google can control it and clean it up but it seems that they have no inclination to do so.
     
    loki1944 and VitalyT like this.
  10. Nocturne

    Nocturne TS Maniac Posts: 215   +110

    Already had one, it was called Blackberry phones....you all wanted dumb apps so.
     
    Odium, cliffordcooley and Misagt like this.
  11. Teko03

    Teko03 TS Evangelist Posts: 584   +299

    In Google's & Microsoft's defense...I think its more about about their OS's massive market share that puts a huge target on their back. You may have gained every developers attenton, but at the same time you've gained the attention of every malicious hacker as well.


    No love to Windows Phone / Mobile? Suffered the same fate for its lack of apps...companies and developers are too invested into both Android & iOS are for a new mobile OS to have any success now.
     
  12. trparky

    trparky TS Evangelist Posts: 591   +502

    This should make Google want to work even harder to make sure that bad apps don't slip into the Play Store. Obviously we're not seeing that happening because we see articles like this every couple of months in which Google said that they removed "thousands of bad apps" from the Play Store.

    My argument is, knowing that Android is such a huge target Google should be putting even more resources in making sure that bad apps don't get into the Play Store in the first place! Removing them is all well and good, making sure that they don't get in there in the first place is more important.

    It almost seems to me like Google doesn't care, they practically let anything into the Play Store. There needs to be far more vetting of apps before they go live on the Play Store and I'm not just talking about automated reviewing. There needs to be an actual human being going over said apps. Considering how much money Google makes they could afford a whole team of people to do so.

    The argument to this, of course, is going to be that app updates are going to slow down but that's the price you pay for a safer platform. Do you want a safer platform or do you want a virus-ridden cesspool? Yeah... I'll take the slower app updates, thank you very much!
     
    Last edited: Sep 10, 2019
    Capaill likes this.
  13. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,818   +1,182

    "Google is doing things so wrong!" "Android is a dump for viruses" and so on... for crying out loud, READ THE NAME of the apps:
    Antivirus Security – Security Scan
    Beach Camera
    Climate SMS
    Great VPN
    Quick Face Scan

    I'm almost amazed that there was nothing with a XXX or sexy next to it, It's also not like there is anything popular in there, half a million downloads in total between all of them? Most probably they were also paying for ads to recommend this installs.

    Yes I will grant, this should definitely not happen. A lot of things shouldn't happen however, there is always a way to cloud or hide malware, that's why the antiviruses need to update their definitions, the same thing happened with this apps.

    Edit: You should check the analysis of the malware, it's quite sophisticated and quote:
     

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...