Android users, be very careful before downloading an app you don’t know much about. Recent reports from numerous cyber security organizations claim that the Google Play Store is facing a growing influx of advanced malware now, more than ever. The case is a recent report by cybersecurity organization Zscaler, whose security research team ThreatLabZ has uncovered evidence that in September alone, the Play Store saw apps loaded with at least 17 different versions of the commonly observed Joker malware. It is this looming malware threat that makes it very important for users to be careful when downloading an application and also giving access to phone permissions.
According to the Zscaler security report, the malware has diversified into different versions to bypass security measures. The report details how the malware is disguised in the source code of seemingly authentic applications. In some cases, the applications in question directly download the malware to phones and implement it by asking users to grant permissions to functions that the application does not necessarily need. In other cases, the malware is also partially downloaded when the application is installed, and the rest of the malicious payload is downloaded in the background as additional files.
According to the security report, these 17 versions of the Joker malware alone have contributed to at least more than 1.2 lakh of downloads from the Google Play Store. The malicious apps in question included All Good PDF Scanner, Mint Leaf Message-Your Private Message, Unique Keyboard – Fancy Fonts & Free Emoticons, Tangram App Lock, Direct Messenger, Private SMS, One Sentence Translator – Multifunctional Translator, Style Photo Collage, Meticulous Scanner, Desire Translate, Talent Photo Editor – Blur Focus, Attention Message, Part Message, Paper Document Scanner, Blue Scanner and PDF Converter Hummingbird – Photo to PDF All these apps have now been removed from Play Store after that Google received an alert about the malware problem.
To avoid having your data sacrificed, make sure you don’t download apps that aren’t published by verified developers. Even when downloading an app, check what permissions it asks for, and if you see an app request some permission that is not explicitly required by it, that in itself is a red flag. Apps that carry the Joker malware generally gain access to SMS and other features, and trick users into subscribing to services they never signed up for.
Given the increasing threat levels coming to the Android App Store due to increasing malware attacks, it is very important that they stay safe.
.
