What is the Joker doing?
The Joker malware tricks users into subscribing to paid subscriptions without their permission. It first responds to online advertisements without the user’s knowledge and then steals SMS messages, including OTP, and confirms transactions.
The user may not know the subscriber information or money lost for a paid subscription service.
Checkpoint, a cyber security firm, says the Joker virus has returned to the Google Play Store with minor changes to the code. This way, you can test the Google Play store, apps to overcome security.
Checkpoint said the Joker infiltrated mobile apps using old technology used to infiltrate personal computers.
This time the Joker malware used two components. One is the Notification Listener service that is part of the original application. The second is the Dynamic Dex file, which is loaded from the C&C server to allow the user to register for paid services.
The creator of The Joker was able to hide this dynamic dex file from anyone’s view. They use technology commonly used by malware makers to access computers.
Credit card, Bank Checkpoint suggested scrutinize the bills should be paid to the possibility that it will soon be prohibited to install and remove applications
These are the apps that have just been removed from the Google Play Store.
com.imagecompress.android
com.relax.relaxation.androidssm
com.cheery.message.sendsms
com.peason.lovinglovemessage
com.contact.withme.texts
com.hmvoice.friendsms
com.file.recovefiles
com.LPlocker.lockapsp
com.remindme.alram
com.training.memorygame