It was recently seen that the release of the Joaquin Phoenix-starrer ‘Joker’, which has been receiving awards along with standing ovation at the film festival held in Venice. And as of now, it seems that there is malware with a similar moniker which is causing just as much problem as its name holds.
As per the Cybersecurity researcher Aleksejs Kuprins, many malicious apps have to get into the Google Play Store. And you need to be alert because they are sporting malware that can secretively take away your cash.
Dubbed ‘Joker’, is a malware that has been designed to secretively sign users up for various subscription services. These are mostly the ones for which they will be charged for over many months before they even have an epiphany of what is going on.
As per the Medium post in which Kuprins had explained his findings, the malware appears to be aiming at specific countries, including Australia, China, France, Germany, India, Kuwait, Malaysia, the United Kingdom, the United States, and many others.
Kuprins also says that he found 24 applications on the Play Store which were infected with the malware. These would specifically aim users in European and Asian countries, and ask them to be using a SIM card from those areas. Many of these apps seem to have started their stealth campaigns in June 2019, while some might have been around before that.
Before this, a clicker Trojan compiled within over 33 application with another 100 million downloads were also distributed via Google’s official Android store, as was an Android app with spyware capabilities borrowed from the open-source AhMyth Android RAT twice for over a time span of two weeks.
A proper list of indicators of compromise (IOCs) involving malware sample hashes, C2 domains utilized by the attackers, and the package names of affected Android applications are available at the end of CSIS Security Group’s analysis of the brand new Android Joker Trojan.