Security researchers found 17 Android apps infected with the Joker (Bread) malware, one of the most notorious security threats Google has been dealing with since 2017. Google Play Store has now removed them this week to prevent WAP billing fraud. 

(Photo : Photo by Leon Neal/Getty Images)
LONDON, ENGLAND - AUGUST 09: In this photo illustration, The Google logo is projected onto a man on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search.

Also Read: Twitter Strengthen Security by Distributing Phishing-Resistant Security Keys to Employees Just Before the U.S. Elections after the July High-Profile Attack

"This spyware is designed to steal SMS messages, contact lists, and device information, along with silently signing up the victim for premium wireless application protocol (WAP) services," said Viral Gandhi, one of Zscaler's security researchers. 

Play Store published the 17 malicious apps, which were downloaded more than 120,000 times before the security researchers detected the malware. Here are the names of the applications. 

(Photo : Photo by Leon Neal/Getty Images)
LONDON, ENGLAND - AUGUST 09: In this photo illustration, A man is silhouetted against a projection of the Google logo on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search.

Also Read: Who Is Ripjar? British Startup Raises $36.8 Million to Further Grow Its Technologies Against Frauds and Financial Crimes

You might want to check them out and see if you installed one of them. 

1) Tangram App Lock
2) Unique Keyboard - Fancy Fonts & Free Emoticons
3) Mint Leaf Message-Your Private Message
4) All Good PDF Scanner
5) Style Photo Collage
6) One Sentence Translator - Multifunctional Translator
7) Private SMS
8) Direct Messenger
9) Care Message
10) Talent Photo Editor - Blur focus
11) Desire Translate
12) Meticulous Scanner
13) All Good PDF Scanner
14) Hummingbird PDF Converter - Photo to PDF
15) Blue Scanner
16) Paper Doc Scanner
17) Part Message 

Although Google Play Store has already removed these apps, you still need to intervene and remove the app from your device manually if you downloaded one of them.  

How powerful is Joker malware?

The infected apps could easily sneak past Google's defenses and reach the Play Store, using a technique called "droppers," where the user's device is infected in a multi-stage process. Although the cyber attackers' strategy is simple, Google still finds it challenging to deal with it. 

The security scans could not easily detect malicious code since the malicious attacks are usually delayed by hours or days. Once a malicious app is installed, it will download and "drop" other apps or components that contain the Joker malware or different malware strains. 

What makes this malware notorious is that it can be uploaded by third-party Android app stores, making it more widespread. Security researchers detected more than 13,000 Joker samples ever since it was identified way back in 2016.  

For more news updates about the Joker malware, always keep your tabs open here at TechTimes. 

Also Read: TikTok Ban: US Calls Bytedance CEO 'Mouthpiece' of Chinese Communist Party Over New Filing

This article is owned by TechTimes,

Written by: Giuliano de Leon.