Android Warns That More Than 500,000 People Hit by Malware

As we look ahead to the start of a new year, we are reminded that cybersecurity threats are decidedly not receding into the background. At the end of 2021, it was revealed that more than 500,000 Android device users installed an app that transmitted “Joker malware.”

The app was downloaded from the Google Play store, ZDNet reports.

Cybersecurity experts at Pradeo first pinpointed this malware, and Google says it has removed it from its Android marketplace. If you are an Android user and you missed this news during the end-of-year holiday frenzy of family and activities, take note.

The app in question is called “Color Message,” and it was marketed for users to customize their SMS messages.

For people who downloaded the malware by accident, it “simulates clicks in order to generate revenue from malicious ads,” ZDNet explains.

Additionally, it automatically subscribes users to paid premium services designed solely to steal their money and perform billing fraud. Finally, this malware also dips into users’ contact lists and sends that information back to the hackers.

The tech website reports that researchers suggest there is some evidence that this information might be sent to Russia-hosted servers, but more still needs to be investigated.

“By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect,” Pradeo’s Roxane Suau is quoted by ZDNet as saying.

If you ever downloaded this app to your device and haven’t yet uninstalled it, make sure you do so.

Pradeo experts say Joker has long been a bad actor. The malware was previously detected to be lurking in hundreds of other apps over the course of the past two years.

These cybersecurity experts say this most likely will not be the last we’ll hear of Joker. Given how effective this malware has been, it will most likely be applied in future app schemes.

As part of regular cybersecurity practices, always look into whether the apps you are downloading are properly vetted. Take note of where they are coming from, and be sure to never share your private, personally identifying or financial information with any third party. You should always use unique passwords for any account you use on your device or online.

If you think you downloaded a suspicious app by mistake, make sure you delete it immediately.

Published by Peter Cavicchia

Peter Cavicchia is a retired U.S. Secret Service Senior Executive, now Chairman of the security consulting firm Strategic Services International LLC.
