产品展示
  • 江铃福特 经典全顺手扶箱新全顺款汽车专用中央扶手箱USB改装配件
  • 骆驼汽车电瓶蓄电池L2400适配大众速腾朗逸迈腾宝来12v60ah
  • 专用于江淮帅铃T6避光垫汽车改装皮卡配件中控仪表台防晒遮光装饰
  • 竣达汽配江铃汽车配件陆风X6前左玻璃升降器开关总成带遥控器钥匙
  • 高音倒模支架 三分频改装a柱 汽车a柱倒模 音响喇叭改装支架
联系方式

邮箱:[email protected]

电话:020-123456789

传真:020-123456789

汽车配件

'Joker' malware secretly charges Android owners' credit cards

2024-10-30 08:29:24      点击:661

This new Android malware may be the most twisted yet.

An interesting new type of malware has been uncovered, coded within two dozen Android apps that have accumulated hundreds of thousands of downloads in the Google Play store.

Android users who downloaded any of the apps embedded with this malware, dubbed “the Joker,” will need to check their credit card bills. Joker’s purpose, once deployed, is to sign up its victims to subscription services without their knowledge or consent. This new malware was first detected by CSIS Security Group malware analyst Aleksejs Kuprins, who has been monitoring the malicious code and penned a detailed analysison Joker.

SEE ALSO:Here’s how malicious Android apps are sneaking malware onto your phone

According to Kuprins, the malware “delivers a second stage component, which silently simulates the interaction with advertisement websites, steals the victim’s SMS messages, the contact list and device info.” Basically, any user that was infected by Joker possibly had their phone’s texts and contact list stolen, too.

But the simulated interactions are where Joker gets a bit more twisted.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

“The automated interaction with the advertisement websites includes simulation of clicks and entering of the authorization codes for premium service subscriptions,” writes Kuprins. “For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”

According to Lifehacker, the list of apps harboring the Joker malware include Advocate Wallpaper, Age Face, Altar Message, Antivirus Security - Security Scan, Beach Camera, Board picture editing, Certain Wallpaper, Climate SMS, Collate Face Scanner, Cute Camera, Dazzle Wallpaper, Declare Message, Display Camera, Great VPN, Humour Camera, Ignite Clean, Leaf Face Scanner, Mini Camera, Print Plant scan, Rapid Face Scanner, Reward Clean, Ruddy SMS, Soby Camera, and Spark Wallpaper.

Kuprins says that in total, the 24 apps racked up more than 472,000 downloads in the Google Play store. The apps have since been removed. If a user has any of those apps on their phone, they should be deleted.

According to the report, the current iteration of Joker malware campaign appears to go back as far as June of this year. Kuprins notes that Google removed the apps before his security firm reached out to the company, so it appears that the tech giant has been monitoring the situation as well.

Malwarehas longbeen a problemplaguing Android devices. Facebook has even gone so far as to file a lawsuitlast month against one developer, whose malware-ridden Android app engaged in click fraud on the social media company’s ad network.

While other recent Android-targeted malware campaigns have had broaderreach, such as “Agent Smith,”which has infected 25 million devices, Joker’s automated subscription attack certainly makes it among the more interesting.


Featured Video For You
The computer worm that changed the world

North Korea's record single
94% of North Koreans think reunification is 'necessary' : US study