Mobile security solutions company Pradeo has sounded an alert for Android phone users about a fresh version of the notorious Joker malware infecting new apps on the official Google Play store.
The Pradeo report updated on Thursday December 16 says: Today, Pradeo identified another infected application on Google Play. Users are advised to immediately delete it from their device to avoid fraudulent activities.
According to the report, a mobile application called Color Message infected with Joker malware is currently available for download on Google Play and was installed by more than half a million users. The application appears to be making connections to Russian servers, the report states.
Joker is categorized as Fleeceware, as its main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect. In the last two years, the malware was found hiding in hundreds of apps.
According to a Pradeo report, a popular app called Color Message which is used by 5 lakh users is the latest to get infected by the Joker malware. “The application appears to be making connections to Russian servers,” said the report.
The malware can simply subscribe users to paid service online without taking any permissions and can also click on online ads automatically. The malware can even read OTPs from SMS to secretly approve payments. Unless you check your bank statements, you will not even get to know that you are paying for some random online app or service.