Published 16:33 IST, July 11th 2020
Google bans 11 applications from the Play Store for injecting malware, details here
Google has banned 11 apps from its Play Store that were reportedly getting past the store’s security and vetting barriers, injecting malware into users' devices
Google has pulled 11 applications from its marquee Play Store for injecting malware into users’ smartphones. These mobile apps have been associated with the Joker malware, which emerged last year. A team of researchers at the cybersecurity firm Check Point has revealed that a new variant of Joker Dropper and Premium Dialer spyware was discovered hiding inside legitimate applications in the Google Play Store.
Check Point has released a statement saying that their team has found a new variant of the Joker Dropper and Premium Dialer spyware which hides in applications that appear to be legitimate. It also added the new version of Joker was able to download additional malware into the phone which would subscribe to premium services without the user’s consent or knowledge.
11 apps banned by Google
Here’s a list of all the 11 mobile applications banned by Google:
- com.imagecompress.android
- com.relax.relaxation.androidsms
- com.cheery.message.sendsms (two instances)
- com.peason.lovinglovemessage
- com.contact.withme.texts
- com.hmvoice.friendsms
- com.file.recovefiles
- com.LPlocker.lockapps
- com.remindme.alram
- com.training.memorygame
Check Point has explained that the Joker malware was able to get past the security and vetting barriers set by Google Play with the help of few changes to its code. It also said that the malware was using an old technique from the conventional PC threat landscape which helped it avoid detection by the Play Store. The new variant of this malware makes use of two main components to subscribe app users to premium services. The two components include Notification Listener service and the dynamic dex file loaded from C&C server.
Joker is among the most frequently found malware on Android devices, and this isn't the first time that it has made its way to applications on the Google Play Store. Earlier this year, Google had removed more than 1,700 apps that contained a malware called Bread, also known as Joker.
Vadim Kotov and Alec Guertin from the Android Security & Privacy Team had stated in a blog post that Google’s security team had been working to identify and track such malware since 2017. The malware was previously used for SMS fraud, however, with the updated security checks, it had to be modified for billing fraud.
Image credits: Google
Updated 16:33 IST, July 11th 2020