MALWARE ALERT: ‘Joker’ Infiltrates Google Play Store

MALWARE ALERT: ‘Joker’ Infiltrates Google Play Store
Image: Supplied

There’s a new malware threat on the Google Play Store ominously named after the Joker, the deranged criminal mastermind from Batman. The malware is capable of stealing money via subscription services you didn’t even know you’d signed up for.

The affected apps have been downloaded nearly half a million times which means your phone could be infected. Here’s a complete list of compromised apps you need to uninstall immediately.

Another day, another batch of Android apps that made it into the Google Play Store — accumulating hundreds of thousands of downloads — with some sneaky malware embedded in their code.

This time around, the malware is called “Joker.” As Aleksejs Kuprins writes over at the cybersecurity company CSIS, this particular malware is designed to silently sign users up for subscription services, something they might not even notice they did unless they’re diligent in checking their monthly credit card statements.

Explainer: How Malware Gets Inside Your Apps

Malicious software on popular mobile platforms such as iOS and Android is at best a nuisance and at worst a security threat to individuals and businesses. Known as malware, some perpetrators use it to infect apps and get inside your smartphone. Why do they do it? Money, mostly.

Read more

He describes:

“For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorise the premium subscription.”

While Google has since removed the offending apps from the Google Play store, they managed to rack up more than 472,000 total downloads before their excommunication. If you have any of these apps installed on your own Android phone or tablet—or, worse, you actively use them—it’s time to delete them ASAP.

If you have used any of these apps, it’s worth checking your Google Play account for any unexpected subscriptions, though we doubt you’ll find anything there. Instead, you’ll want to take a peek at your credit card or bank statements as far back as June of this year, which is when the Joker malware started kicking off its latest batch of auto-subscriptions. You might also want to let your contacts know that you were potentially infected, as Joker pilfers your entire contact list and uploads it to a command and control server.

Huge Malware Threat Discovered (And Google Doesn't Have A Fix)

Google has allegedly known about a major security flaw with its Android operating systems for months, according to TrendMicro's Zero Day Intiative - but there's still no update to fix it. To make sure your device is safe, here's what you should do.

Read more


  • DON’T list malware apps and link them (specifically the Sparks Wallpaper, haven’t tried the others) to an APK download page. Yes it has details & Play Store has provably removed the app/s, but maybe link to a screenshot of the download details instead.
    #FacePalm (not submitting hashtags just being sarcastic)

  • Very Smart
    Most (tried all now – one dead link) link your malware list to an APK download page. Three of them:- Age Face, Advocate Wallpaper & Print Plant Scan are even listed as Safe To Download (was apkmonk, seems to be usual SOP). Sending a message to the download sites might be a good idea, too.

Log in to comment on this story!