Joker discovers new Android app with virus: what it is

After a few months in the shadows, there is a new report of a virus-infected app The Joker Released on Google Play Store. This means the Joker has not lost one of its most dangerous traits: its ability to hide and pass Play Store security checks.

The feature that allowed it to spread Millions of smartphones worldwide, Through hundreds of infected Android apps, as reported by security analyst James WT on Twitter: Keyboard wallpaper. It is an application that promises to install new wallpapers and keyboards in addition to the standard one on the Android smartphone, which are two harmless functions. But that’s how the Joker spreads: hidden Apparently secure applications And only activates after a while. The application in question has been removed from the Play Store, but who has already downloaded it? Now it needs to be uninstalled.

Why Joker malware is dangerous

Also known as the Joker Bread, Is a virus for Android that was discovered in 2017. Since then, many versions have been identified with increasingly advanced features, but with behaviors similar to the original code.

Mainly the Joker One “Spyware“, It is a virus created to spy on a user’s behavior by reading data on a smartphone. The Joker can actually access the contact list, SMS and, in more advanced versions, even the files on the device.

This is “Tyler“, The software component of the smartphone that manages calls, use it to activate paid subscriptions without the user’s knowledge. Some versions of the Joker can access any credit card data on a smartphone.

How the Joker hides

The Joker’s characteristic that has won him over the last three years is his ability to hide and pass unprotected. Enable store controls.

It does this by hiding it inside the file AndroidManifest.xml, “File in Android Apps”Report“Application. That is, it allows the developer to describe to the Play Store what the application does.

Only when the app is approved and released on the Play Store The Joker comes into action And begins to affect the user’s smartphone. However, for now, it is too late and the app can remove all copies that have already been downloaded from Google They must be removed by hand.