Security News > 2020 > July > Joker billing fraud malware eluded Google Play security to infect Android devices
Always a thorn in Google's side, the Joker malware arrived as a new variant a few months ago and evaded Google Play Protect to infect legitimate apps and sign people up to premium services.
Check Point researchers disclosed its findings to Google, which removed 11 identified apps from Google Play by April 30, 2020.
During evaluation time, Joker does not even try to load the malicious payload, which makes it much easier to bypass Google Play Store protections.
"We found it hiding in the 'essential information' file every Android application is required to have. Our latest findings indicate that Google Play Store protections are not enough. We were able to detect numerous cases of Joker uploads on a weekly basis to Google Play, all of which were downloaded by unsuspecting users."
"The Joker malware is tricky to detect despite Google's investment in adding Play Store protections. Although Google removed the malicious apps from the Play Store, we can fully expect Joker to adapt again. Everyone should take the time to understand what Joker is and how it hurts everyday people."
News URL
Related news
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Fake WalletConnect app on Google Play steals Android users’ crypto (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- Google Chrome gets a mind of its own for some security fixes (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)
- TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud (source)