Joker malware that signs victims up to premium subscription services discovered in 24...

midian182

Posts: 6,060   +50
Staff member

CSIS Security Group analyst Aleksejs Kuprins made the discovery, which he wrote about in a Medium post. Joker surreptitiously signs its victims up to premium subscription services by simulating the sign-up process. It also steals SMS messages, contact lists, and device information.

Kuprins explains that “the automated interaction with the advertisement websites includes simulation of clicks and entering of the authorization codes for premium service subscriptions.”

“This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”

The malware potentially targets users in 37 countries, including the US and UK. For most of the apps, the victim has to be using a SIM card from one of the countries to receive the second-stage payload.

Google has now removed all of the infected apps from its store— you can see the full list below. If you were one of the nearly half-a-million people to download any of them, checking your bank/credit card statement for any suspicious transactions is advised.

Malware-riddled apps on the Play Store is far from a new phenomenon. Last month, CamScanner, a PDF maker with over 100 million downloads, was discovered to contain a Trojan Dropper.

Full list of apps infected with Joker Malware:

  • Advocate Wallpaper
  • Age Face
  • Altar Message
  • Antivirus Security – Security Scan
  • Beach Camera
  • Board picture editing
  • Certain Wallpaper
  • Climate SMS
  • Collate Face Scanner
  • Cute Camera
  • Dazzle Wallpaper
  • Declare Message
  • Display Camera
  • Great VPN
  • Humour Camera
  • Ignite Clean
  • Leaf Face Scanner
  • Mini Camera
  • Print Plant scan
  • Rapid Face Scanner
  • Reward Clean
  • Ruddy SMS
  • Soby Camera
  • Spark Wallpaper

Permalink to story.

 

captaincranky

Posts: 16,114   +4,892
FWIW, "Beach Camera" and many other camera dealers have, (IMO of course), somewhat questionable business practices from the jump, let alone with malware on their sites.

Again FWIW, and IMO, the only places worth doing business with are Adorama Camera, and B & H Photo Video, both of whom have toll free numbers, which I always utilize, instead of ordering directly off the web.
 

trparky

Posts: 814   +781
From the state of things, the entire Android is a Trojan, as it lets those things spread without control.

I think we need a new Mobile OS, one that would value security and privacy above all. Android clearly has failed, as a platform.
It's because Google ain't doing their jobs! They're not vetting the apps properly before letting them onto the Play Store. You don't hear of the same kind of app issues with the Apple App Store. What is Apple doing right in this situation?
 

loki1944

Posts: 430   +279
I'm done with Android. The sloppiness of the platform is unacceptable at this point. If Google doesn't want to make the effort to make a reasonably secure platform like apple, then apple will get my money.
 
  • Like
Reactions: trparky

trparky

Posts: 814   +781
I'm done with Android. The sloppiness of the platform is unacceptable at this point. If Google doesn't want to make the effort to make a reasonably secure platform like apple, then apple will get my money.
And I'd have to agree with you. If Google doesn't want to put the money where their mouth is and cultivate a more secure platform then eventually Android will become the same virus-ridden cesspool that people bash Windows for being. People bash Microsoft all the time for Windows being an insecure pile of hot garbage and for being a virus-ridden cesspool yet when we talk about how Android is essentially becoming just as bad, oh wait... somehow there's a double standard.

No, I don't accept double standards. If Microsoft and Windows are bashed for being insecure than Android needs to be as well. There's no room for double standards, either hold both companies (and their platforms) responsible for being insecure or you don't; there's no room for playing favorites.

I do have to love the tech community though, the amount of hypocrisy that flows forth from the tech community could drown a small town.
 
  • Like
Reactions: loki1944

Capaill

Posts: 1,200   +737
From the state of things, the entire Android is a Trojan, as it lets those things spread without control.

I think we need a new Mobile OS, one that would value security and privacy above all. Android clearly has failed, as a platform.
It's because Google ain't doing their jobs! They're not vetting the apps properly before letting them onto the Play Store. You don't hear of the same kind of app issues with the Apple App Store. What is Apple doing right in this situation?
Android is open source.
 

Teko03

Posts: 619   +329
I'm done with Android. The sloppiness of the platform is unacceptable at this point. If Google doesn't want to make the effort to make a reasonably secure platform like apple, then apple will get my money.
And I'd have to agree with you. If Google doesn't want to put the money where their mouth is and cultivate a more secure platform then eventually Android will become the same virus-ridden cesspool that people bash Windows for being. People bash Microsoft all the time for Windows being an insecure pile of hot garbage and for being a virus-ridden cesspool yet when we talk about how Android is essentially becoming just as bad, oh wait... somehow there's a double standard.

No, I don't accept double standards. If Microsoft and Windows are bashed for being insecure than Android needs to be as well. There's no room for double standards, either hold both companies (and their platforms) responsible for being insecure or you don't; there's no room for playing favorites.

I do have to love the tech community though, the amount of hypocrisy that flows forth from the tech community could drown a small town.
In Google's & Microsoft's defense...I think its more about about their OS's massive market share that puts a huge target on their back. You may have gained every developers attenton, but at the same time you've gained the attention of every malicious hacker as well.


From the state of things, the entire Android is a Trojan, as it lets those things spread without control.

I think we need a new Mobile OS, one that would value security and privacy above all. Android clearly has failed, as a platform.
Already had one, it was called Blackberry phones....you all wanted dumb apps so.
No love to Windows Phone / Mobile? Suffered the same fate for its lack of apps...companies and developers are too invested into both Android & iOS are for a new mobile OS to have any success now.
 

trparky

Posts: 814   +781
In Google's & Microsoft's defense...I think its more about about their OS's massive market share that puts a huge target on their back. You may have gained every developers attenton, but at the same time you've gained the attention of every malicious hacker as well.
This should make Google want to work even harder to make sure that bad apps don't slip into the Play Store. Obviously we're not seeing that happening because we see articles like this every couple of months in which Google said that they removed "thousands of bad apps" from the Play Store.

My argument is, knowing that Android is such a huge target Google should be putting even more resources in making sure that bad apps don't get into the Play Store in the first place! Removing them is all well and good, making sure that they don't get in there in the first place is more important.

It almost seems to me like Google doesn't care, they practically let anything into the Play Store. There needs to be far more vetting of apps before they go live on the Play Store and I'm not just talking about automated reviewing. There needs to be an actual human being going over said apps. Considering how much money Google makes they could afford a whole team of people to do so.

The argument to this, of course, is going to be that app updates are going to slow down but that's the price you pay for a safer platform. Do you want a safer platform or do you want a virus-ridden cesspool? Yeah... I'll take the slower app updates, thank you very much!
 
Last edited:
  • Like
Reactions: Capaill

Kibaruk

Posts: 3,836   +1,183
"Google is doing things so wrong!" "Android is a dump for viruses" and so on... for crying out loud, READ THE NAME of the apps:
Antivirus Security – Security Scan
Beach Camera
Climate SMS
Great VPN
Quick Face Scan

I'm almost amazed that there was nothing with a XXX or sexy next to it, It's also not like there is anything popular in there, half a million downloads in total between all of them? Most probably they were also paying for ads to recommend this installs.

Yes I will grant, this should definitely not happen. A lot of things shouldn't happen however, there is always a way to cloud or hide malware, that's why the antiviruses need to update their definitions, the same thing happened with this apps.

Edit: You should check the analysis of the malware, it's quite sophisticated and quote:
...The described trojan employs notably stealthy tactics to perform quite malicious activities on GooglePlay, while hiding within the advertisement frameworks and not exposing too much of its malicious code out in the open...
...
Some of the apps do rack up 100,000+ installs before they get removed, however, the install number can always be artificial to some degree due to the common astroturfing practices...