Malware is no fun (some would say it bytes, if they were very funny). If installed on your Android device, malware can steal data, mess with functionality, and, on top of it all, trick your phone into installing more malware. Nobody intentionally downloads malware onto their phone, but it can be trickier than you think to spot it in the wild. Luckily, there are resources to help.
Joker malware is a problem
One of the biggest malware issues facing Android is Joker, the nickname for a bit of malicious code hackers love to attach to innocuous looking apps in the Play Store. These apps will ask for permissions to access way more of your data than they should, but they won’t actually take advantage of those permissions right away. Instead, they’ll lie in wait for some time before installing Joker malware onto your device. This is called a “dropper” attack.
Once Joker is installed on your device, it can quietly sign you up for premium subscription services (which you won’t even realise unless you check your credit card statement) and/or send data from your device back to the hackers; contact information, text messages, and other important and sensitive information is all fair game in this scenario.
How to spot a potential Joker app
Fortunately, you don’t have to blindly hope the next app you download is safe and Joker-free. Instead, just follow Tatyana Shishkova on Twitter. Shishkova (@sh1shk0va) is an Android malware analyst for cybersecurity company Kaspersky. Shishkova’s Twitter feed is largely devoted to exposing active apps on the Play Store that secretly carry Joker malware.
As of this writing, Shishkova’s latest exposure is an app called “Volume booster Hearing Aid.” Aside from the odd capitalisation of its name, the app seemed pretty standard for a random third-party app. Shishkova, however, identified it as an Android trojan for Joker, leading to its removal from the Play Store.
— Tatyana Shishkova (@sh1shk0va) November 15, 2021
It appears that every app Shishkova has highlighted on Twitter in the past has been removed from the Play Store, which means you’d do well to keep tabs on her feed. And while the apps’ removal is good news, they can still wreak havoc on devices that installed them, so it’s worth scanning her feed to check if any of your apps match ones she’s identified in the past.
Be cautious when downloading strange apps
This is certainly not the first time we’ve warned you about apps carrying Joker malware, and we doubt it’ll be the last. Joker is really good at skirting Google’s watch, so hackers often manage to sneak apps containing it onto the Play Store. Be vigilant: Before you download an app, make sure to vet it. How are the reviews? Does the app seem to serve a specific purpose? Do the description or images seem legitimate or fishy? Do the requested permissions make sense for its functionality? Asking yourself these questions before installation can save you a lot of headaches down the road.