Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fresh spyware named Joker found in Google’s Android Play Store


Security researchers are cautioning Android phone users of new spyware which hides inside 24 apps within Google's Play Store. These apps have been downloaded across the world 472,000 times, they say. The spyware, dubbed "Joker" was first observed during June this year.


The malware applies treacherous tricks for contaminating the smart-phones belonging to potential targets so it can seize their contact lists, SMS messages, personal and device information along with many other details. Further to compromising the phone's privacy, Joker also secretly creates subscription services for the user alternatively premium paid admission into apps and websites without the user's knowledge.


Aleksejs Kuprins, software developer gives an analysis of Joker, including the way it steals user information within a post on his blog named Medium. The software maker observes that the majority of contaminated applications, inside 37 countries, impacted smart-phones within Asian and European Union nations. Google has since eliminated the 24 applications, which carried the spyware, from the Play. www.abc4.com posted this, September 7, 2019.


Explaining the malware further, Kuprins says that upon installation of any app out of those twenty four malevolent ones, an Android owner would find the ad framework exhibiting the application's logo on one splash screen. Meanwhile, the advertisement framework as well executes many other rogue processes invisible to device owner's eyes. One of these processes is downloading a DEX (Dalvik Executable) file of second stage onto the handset.


A kind of code file, the DEX plants a payload onto the Android OS which then intercepts SMS messages, contact lists, along with other information stored on the smart-phone. During several instances, researchers found the spyware getting victims to sign up to subscriptions for high-profile services like in Denmark victims signed up for services which cost Danish Kroner 50 (approximately EUR7) for every one week.


For bypassing security software, Joker receives robust commands along with code from its operators via HTTP followed with executing that code by utilizing callbacks from JavaScript to Java. Names of some countries where the spyware targeted users are USA, UK, Germany, France, China and Australia. Notably, Google has encountered spyware within apps on its app marketplace earlier too.


» SPAMfighter News - 9/11/2019

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page