A new malware in a few Google Play Store applications has forced the tech giant to take them offline. These applications seemed to be legitimate but had the ability to sneak files into the users device by downloading malware. This malware then subscribed the user to premium service without their consent.
The discovery of a new variant of the Joker Dropper and Premium Dialer spyware in Google Play was made by Check Point researchers. The researchers were able to spot 11 such apps with these suspicious packages. Google has removed these apps from the Play Store but users who had installed it prior to them being removed will have to do so manually. Here are the packages that were found to contain the Joker malware.
com.imagecompress.android
com.contact.withme.texts
com.hmvoice.friendsms
com.relax.relaxation.androidsms
com.cheery.message.sendsms
com.cheery.message.sendsms
com.peason.lovinglovemessage
com.file.recovefiles
com.LPlocker.lockapps
com.remindme.alram
com.training.memorygame
The researchers suggest users check their devices for these apps and immediately uninstall them. The user should then go through their credit card bills to check for any unintended subscription. If they find any discrepancies, they can unsubscribe to stay safe from future deductions. The user is also asked to install a security solution to provide any future issues. To read the detailed report on what caused the malware to enter Play Store click here.
Since the malware is very tricky to spot, it is expected to make a comeback in some applications. Users can keep tabs on their credit card statements to be sure that they aren’t victims to any of these apps.
Earlier this year, Google had removed around 1700 applications which were found to have a similar Joker malware. However, no user was able to download these apps before it was taken down.
