On 17th June 2021, Thursday, Quick Heal Technologies Ltd. has discovered Joker malware-laced mobile apps on Google Play Store, with around 50,000 downloads. The spy utilizes users' data by linking them to ads and subscribing them to premium services without users' consent. The malware accesses SMS, contacts, and other device details. The cyber security firm informed Google about these malicious applications and got them removed from the platform.
The detected apps are:
Once installed, these apps ask for various notification accesses, and run two payloads in the background that infect the system and steal information. Users are advised to verify the apps before downloading into their devices (check reviews, comments and download counts). Besides, carefully review the permission access and allow the ones which are needed by the app functions.