Joker Malware Found – Google Removes 17 Malicious Apps


Security researchers at Zscaler ThreatLabZ found the malware known as Joker, or Bread, in malicious Android apps.

How It Works

In some Joker variants, the researchers saw the final payload delivered via a direct URL received from the command and control (C&C) server. In this variant, the infected Google Play store app has the C&C address hidden in the code itself using string obfuscation.

Once installed, the infected app contacts the C&C server, which then responds with a JSON file containing the URL of a final payload. This JSON file also contains the name of the class that must be executed from the final payload to carry out all the malicious activities.

Upon receiving the JSON configuration from the C&C, the infected app downloads the payload from the received location and executes it.
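For defenders reviewing proxy or sandbox captures, the exchange described above can be triaged by looking for JSON responses that carry both a download URL and a Java class name. The following is an added example, not code from Zscaler or from this article; the hosts, JSON field names and sample bodies are constructed, and the matching rules are an assumed heuristic rather than a published signature.

```python
import json
import re
from urllib.parse import urlparse

# Assumed heuristic: a dotted Java identifier with at least three segments.
CLASS_RE = re.compile(r"^[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*){2,}$")

def _strings(node):
    """Yield every string value in a decoded JSON document, at any depth."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)

def _is_url(text):
    try:
        parts = urlparse(text)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def looks_like_stager_config(body):
    """Return (url, class_name) when a response body is JSON holding both
    a download URL and a class name, whatever the field names; else None."""
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return None
    values = list(_strings(doc))
    urls = [v for v in values if _is_url(v)]
    classes = [v for v in values if not _is_url(v) and CLASS_RE.match(v)]
    return (urls[0], classes[0]) if urls and classes else None

def triage(responses):
    """responses: iterable of (server_host, body). Returns flagged entries."""
    hits = []
    for host, body in responses:
        match = looks_like_stager_config(body)
        if match:
            hits.append((host, *match))
    return hits

# Constructed sample capture: one staged-loader style reply, three benign ones.
SAMPLES = [
    ("c2.example.invalid", '{"code":0,"data":{"u":"https://cdn.example.invalid/p.bin","c":"com.example.sdk.Entry"}}'),
    ("api.example.org", '{"status":"ok","update_url":"https://example.org/app"}'),
    ("api.example.org", '{"package":"com.example.app.Main"}'),
    ("www.example.org", "<html>not json</html>"),
]
```

A hit is a lead for review, not a verdict: legitimate plugin or update frameworks can return the same shape, so pair it with the app's reputation and what is actually fetched from the URL.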

The 17 apps removed by Google, as listed by Zscaler, are:

  1. All Good PDF Scanner
  2. Mint Leaf Message-Your Private Message
  3. Unique Keyboard – Fancy Fonts & Free Emoticons
  4. Tangram App Lock
  5. Direct Messenger
  6. Private SMS
  7. One Sentence Translator – Multifunctional Translator
  8. Style Photo Collage
  9. Meticulous Scanner
  10. Desire Translate
  11. Talent Photo Editor – Blur focus
  12. Care Message
  13. Part Message
  14. Paper Doc Scanner
  15. Blue Scanner
  16. Hummingbird PDF Converter – Photo to PDF
  17. All Good PDF Scanner

Read the full research here
