The Joker, and the jokes continue, as criminals with its help are emptying back accounts of victims.
The Joker malware when the media publicized it as a malware capable of hiding in different Android apps. Since then, the malware has been playing hide-and-seek with Google. However, the Joker is just too slippery that it keeps getting inside Google Play Store, and Google is just playing a whack-a-mole campaign as it cannot stop it from re-entering.
What makes this malware troublesome, is because it's capable of subscribing victims into payment services without their authorization, and in the process, emptying their bank accounts without them noticing.
And this time, the Belgian Police warned about the return of the Joker malware.
"This malicious program has been detected in eight Play Store applications that Google has suppressed," said the Belgian authorities in a statement on its website.
The eight malicious apps include:
- Auxiliary Message.
- Element Scanner.
- Fast Magic SMS.
- Free CamScanner.
- Go Messages.
- Super Message.
- Super SMS.
- Travel Wallpapers.
Fortunately, Google has removed the apps from Play Store. But unfortunately, cybersecurity professionals then found more apps laced with the Joker:
- Private SMS.
- Hummingbird PDF Converter - Photo to PDF.
- Style Photo Collage.
- Talent Photo Editor - Blur focus.
- Paper Doc Scanner.
- All Good PDF Scanner.
- Care Message.
- Part Message.
- Blue Scanner.
- Direct Messenger.
- One Sentence Translator - Multifunctional Translator.
- Mint Leaf Message-Your Private Message.
- Unique Keyboard - Fancy Fonts & Free Emoticons.
- Tangram App Lock.
- Desire Translate.
- Meticulous Scanner.
The Joker malware is practically a Trojan virus, belonging to a family of malware known as Bread.
Its primary objective is to hack into victims' phone bills, and authorize the operations without the victims' consent.
Beyond that, the Joker can also read and collect text messages, contacts and other information on infected devices.
"You risk a big surprise at the end of the month in your bank account or on your credit card," said the Belgian police, referring to the unknown charges victims will see at the end of the month.
In fact, it is very common for those affected by 'Joker' to become aware of the theft until they review their account statement in detail. This is because banks don't suspect transactions that involve 'normal' app subscription and generally, won't consider the charges not normal due to their relatively small price.
To prevent being infected by the Joker, it's always recommended for users to install apps from Google Play Store, regardless the many instances the malware makes it to the store.
Users should also check for the developers, and never grant permissions that are not necessary or needed.
And if ever the malicious apps are installed, they have to remove them manually, as soon as possible.