MALWARE ALERT: ‘Joker’ Infiltrates Google Play Store

There’s a new malware threat on the Google Play Store ominously named after the Joker, the deranged criminal mastermind from Batman. The malware is capable of stealing money via subscription services you didn’t even know you’d signed up for.

The affected apps have been downloaded nearly half a million times which means your phone could be infected. Here’s a complete list of compromised apps you need to uninstall immediately.

Another day, another batch of Android apps that made it into the Google Play Store — accumulating hundreds of thousands of downloads — with some sneaky malware embedded in their code.

This time around, the malware is called “Joker.” As Aleksejs Kuprins writes over at the cybersecurity company CSIS, this particular malware is designed to silently sign users up for subscription services, something they might not even notice they did unless they’re diligent in checking their monthly credit card statements.

[referenced url=”” thumb=”×231.jpg” title=”Explainer: How Malware Gets Inside Your Apps” excerpt=”Malicious software on popular mobile platforms such as iOS and Android is at best a nuisance and at worst a security threat to individuals and businesses. Known as malware, some perpetrators use it to infect apps and get inside your smartphone. Why do they do it? Money, mostly.”]

He describes:

“For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorise the premium subscription.”

While Google has since removed the offending apps from the Google Play store, they managed to rack up more than 472,000 total downloads before their excommunication. If you have any of these apps installed on your own Android phone or tablet—or, worse, you actively use them—it’s time to delete them ASAP.

If you have used any of these apps, it’s worth checking your Google Play account for any unexpected subscriptions, though we doubt you’ll find anything there. Instead, you’ll want to take a peek at your credit card or bank statements as far back as June of this year, which is when the Joker malware started kicking off its latest batch of auto-subscriptions. You might also want to let your contacts know that you were potentially infected, as Joker pilfers your entire contact list and uploads it to a command and control server.

[referenced url=”” thumb=”×231.jpg” title=”Huge Malware Threat Discovered (And Google Doesn’t Have A Fix)” excerpt=”Google has allegedly known about a major security flaw with its Android operating systems for months, according to TrendMicro’s Zero Day Intiative – but there’s still no update to fix it. To make sure your device is safe, here’s what you should do.”]


One response to “MALWARE ALERT: ‘Joker’ Infiltrates Google Play Store”

Leave a Reply