Why so serious? Is it because you've had it up to here with the sudden onslaught of malware-infected apps pervading the Google Play Store? As if last week's report about money-stealing Android apps wasn't enough to scare us, now we have to worry about a malware family called "Joker" running amok inside the Google Play Store.
According to Zscaler Threatlabz, investigators discovered that Joker infiltrated 50 apps on the Google Play Store. Fortunately, Google promptly kicked them out of its app store, but if you happen to have any of them installed in your device, you must delete them immediately and check out one of our best mobile antivirus apps to rid your phone of any malware residue.
What is Joker malware?
Joker malware, according to Zscaler, is a malicious threat designed to steal your text messages, contact lists and device information. With this data, cybercriminals can sign you up for premium wireless application protocol (WAP) services. Joker sounds similar to toll fraud malware, a threat the Microsoft 365 Defender Research Team warned us about weeks ago.
Over the past two months, Zscaler Threatlabz investigators discovered 50 Joker malware-infested Android apps that attracted over 300,000 downloads in total. The blacklisted apps include Simple Note Scanner, Universal PDF Scanner, Private Messenger, Premium SMS and Text Emoji SMS. Want a full list of the 50 apps? Click here.
The researchers noted that most of the apps fall under the "communication" category, which makes sense because cybercriminals are seeking access to users' SMS messages.
Joker isn't the only malicious malware family Zscaler researchers spotted. Facestealer malware, which tricks users into entering their credentials by procuring fake Facebook login screens, was also found on the Google Play Store. Finally, Zscaler investigators discovered Coper malware in the Google Play Store, an information-stealing threat that can send malicious SMS texts on their victims' behalf.
How to dodge Joker malware and other cybersecurity threats
Zscaler researchers strongly advise Android users to stop giving permissions to untrustworthy apps; you may be unwittingly giving hackers access to sensitive information.
"Stick to the sources and providers you know and trust. Look for apps with very high install numbers and positive reviews. Seek out apps that are recommended by sources you trust and also feature lots of installs and positive reviews," Zscaler said in its report.