Google has banned some 52 apps from the Play Store after they were detected to have been infected with malware, accordingBGR.com. However, it has been found that hundreds of thousands of users had already downloaded them, thus the warning to take inventory of your apps to delete them.
Cloud security company, Zscaler said its ThreatLabz team earlier this week discovered apps that had been laced with malicious bugs from three malware families. The company immediately notified Google about the threats, and they were promptly pulled down from the Play Store, but not before hundreds of downloads were made.
The Joker, Facestealer and the Coper malware are constantly being modified and fortified to get past the Google’s tight security. In the case of Joker which had 50 of the 52 apps discovered, Zscaler explained what the malware does:
Joker is one of the most prominent malware families targeting Android devices…This malware is designed to steal SMS messages, contact lists, and device information, and to sign the victim up for premium wireless application protocol (WAP) services.
Zscaler’s analysis of the Joker apps shows that the developers are targeting the ‘communication’ category, meaning apps purporting to be messaging apps. Thy advise that you should ensure you trust the developer before downloading any such app.
Most commonly, threat actors disguise the Joker malware in messaging applications that require users to grant escalated access permissions by allowing them to serve as the default SMS app on the user’s phone.
The other malicious apps offer services related to online tools like PDF scanners, translators, among others. You can find a full list of all the affected apps here. Once you do, you should check your apps folder to ensure you don’t have any of them installed. If you do, you’re advised to delete them immediately.