Daily Gaming news, videos, reviews, tips & guides. Let's share our love of BigN games!

Les virus parviennent à ne pas être détectés pendant l'étape de validation par Google. © Geralt, Pixabay

The Joker virus is back on Android

Sure, the Joker malware has once again succeeded in breaking the security of the Play Store. This time he hid himself in a fun and harmless SMS customization app.

You will be interested too

[EN VIDÉO] Do our smartphones kill insects?
Pests are severely threatened by pesticides, urbanization and intensive agriculture. But cell phone waves can also harm them.

It is impossible to get rid of it! The Joker virus, which has been calling itself the Google App Store for almost four years, was rediscovered last week. He is a cyber security expert Brady The person who identified him was A.J. Application Named Color message. This application is designed to generate transactions SMS Removed from Play a few days ago, along with a collection of emoticons Store. The problem is, it’s had time to download 500,000 times. Brady, it’s his Postmortem », Says Virus load Came to connect with Russian servers.

With such use, the Joker had an excellent container. To use it, you must grant permission to access and manage contacts and message content SMS. What helps in data collection to trigger campaigns Fishing, For example. Similar campaigns that allow us to retrieve identities and why not get the dual factor security code they received SMS Exactly.

Terrible wisdom

Similarly, control over messaging usage allows users to subscribe to paid services without their knowledge. Via SMS. Yes the Malware The Joker comes back to Google Gallery and it’s very difficult to find because of its small footprint. This summer, the Joker has already been detected in eight apps for Android. Less evil than it used to be in hundreds of applications. Again, despite Google’s progress Thing For the security of its Play Store, it is better not to think outside the box and choose the worst reliable apps.

See also  Hot stage: Work is underway to install mirrors on the James Webb Space Telescope

Android: The Joker virus is back, affecting 17 popular apps

For three years now, the virus has been infecting applications in the Play Store. The policy remains the same: spy on your personal data and then subscribe to paid services. Here is a list of 17 infected applications that need to be uninstalled urgently.

Article by Fabrice Aucklert published on 01/06/2021

It was thought to be gone, but the Joker virus continues to haunt the Google App Store. Malware Has been in effect since 2017, was spotted this summer, and has again affected less than 17 applications. Obviously, you need to uninstall them when Google has already removed them Game Store.

They are researchers on the ThreatLabz team from the Cloud Security Company Zscaler, It has identified 17 applications that have been infected, and as it happens every time, the virus is hidden in the components of one application, making it seem very common and harmless. The Joker goes through several stages. First, a Trojan horse, Which is activated the first time the application is launched. So it loads in the background and it gets a chance to start downloading the most harmful components.

Do not grant access to your SMS or your directory

From there, always in the background, undetected, he begins his espionage phase: SMS, Contact lists, username and Password Captured … and worse yet because the malware can then subscribe the user to paid services! It is therefore necessary to monitor carefully ApplicationsThose who have access to SMS and contact lists, especially should not be given access to them!

See also  Lee: Download the NHS COVID-19 app and protect yourself and your loved ones | News

Often, the user answers “yes” to something different Windows Without realizing that it makes available the personal functions of the phone that can be exploited by hackers. Another tip: check the reviews published in the app before downloading, but also their numberStars. Affected applications are often hidden Users.

Android: Watch out for this virus subscribing to paid services

As of 2017, Joker malware has infected Android apps, forcing eleven users to subscribe to paid services. This new variant goes through Google’s verification and security steps.

Posted by Fabrice Auclert on 07/10/2020

Cat and mouse play continues between pirates and rats Google Games From the company Check point It was assumed in 2017 that new traces of the Joker, a malware identified, would be discovered and destroyed. His specialty? Hiding in classic and popular apps to enable payment for “off-in-app” services such as payment options. All without the user knowing.

This Thursday, security experts at Checkpoint discovered its presence in eleven applications, and they amassed over 500,000 downloads. The most worrying thing is that these eleven applications are available from this Game Store. This variant of the Joker has found a new way to hide Trojans in applications and thereby embed itself. Skills. The Malware It is hidden in the manifest file that each developer must integrate into his application and placed at the source of the application folder. It contains information about the author, logo, version, etc.

The malware disappears during the verification phase

In this file, the Joker puts the malicious code there, but it is encrypted in base 64, so it cannot be identified. When reviewing the Google file I apply For its verification, the code is inactive. Once the verification is effective and security checks are completed, the hacker’s server launches a hidden command on this code. Malware Can thus be implemented.

See also  Trend 2 Laptop or Computer Hottest Edition Download Total Game Cost Free

Warning, Google immediately Removed these applications from his store, But uninstalling them is explicitly recommended. These are ImageCompress, WithMe Texts, FriendSMS, Relax Relaxation, Cherry Messages, LovingLove Message, RecoveFiles, RemindMe Alarm and Training Memory Game. It is also advisable to look at your bank account and check that no fraudulent money has been taken.

Are you interested in reading now?