Joker Malware Found – Google Removes 17 Malicious Apps

Android Malware Infected Apps

Security researchers at Zscaler ThreatLabZ found the malware known as Joker, also called Bread, in malicious Android apps.

How Does It Work?

In some Joker variants, the researchers saw the final payload delivered via a direct URL received from the command and control (C&C) server. In this variant, the infected Google Play Store app has the C&C address hidden in the code itself using string obfuscation.

Once installed, the infected app contacts the C&C server, which responds with a JSON configuration containing the URL of the final payload. This JSON also carries the name of the class that must be executed from the final payload to perform the malicious activities.

Upon receiving the JSON configuration from the C&C, the infected app downloads the payload from the received location and executes it.
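For defenders, the exchange described above suggests a triage heuristic for captured app traffic: flag JSON responses that carry both a download URL and a Java class name. The sketch below is an added example, not code from the Zscaler research; the article does not give the real JSON format, so the check ignores key names, and the sample bodies and their field names are constructed.

```python
import json
import re
from urllib.parse import urlparse

# Assumption: the class follows Java naming convention (lowercase packages,
# capitalised class name). Obfuscated names may not, so this is triage only.
CLASS_RE = re.compile(r"(?:[a-z_][\w$]*\.){2,}[A-Z][\w$]*")

def _strings(node):
    """Yield every string value in a decoded JSON document, at any depth."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)

def _is_url(value):
    try:
        parsed = urlparse(value)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parsed.scheme in ("http", "https") and bool(parsed.netloc)

def looks_like_loader_config(body):
    """Return (url, class_name) when a response body pairs a URL with a class name."""
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return None  # not JSON at all
    urls, classes = [], []
    for text in _strings(doc):
        text = text.strip()
        if _is_url(text):
            urls.append(text)
        elif CLASS_RE.fullmatch(text):
            classes.append(text)
    return (urls[0], classes[0]) if urls and classes else None

# Constructed sample response bodies (hypothetical field names and hosts).
SAMPLES = [
    '{"code":0,"data":{"link":"https://cdn.example.invalid/a/b.bin",'
    '"entry":"com.example.core.Loader"}}',
    '{"status":"ok","homepage":"https://www.example.invalid/",'
    '"host":"www.example.invalid"}',
    "<html>not json</html>",
]
```

A hit is a lead for manual review of the requesting app, not a verdict, since legitimate plugin frameworks can produce the same pattern.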

The 17 apps removed by Google, as listed by Zscaler, are:

  1. All Good PDF Scanner
  2. Mint Leaf Message-Your Private Message
  3. Unique Keyboard – Fancy Fonts & Free Emoticons
  4. Tangram App Lock
  5. Direct Messenger
  6. Private SMS
  7. One Sentence Translator – Multifunctional Translator
  8. Style Photo Collage
  9. Meticulous Scanner
  10. Desire Translate
  11. Talent Photo Editor – Blur focus
  12. Care Message
  13. Part Message
  14. Paper Doc Scanner
  15. Blue Scanner
  16. Hummingbird PDF Converter – Photo to PDF
  17. All Good PDF Scanner

Read the full research here
