Malicious Joker App Scores Half-Million Downloads on Google Play

Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges.

The Joker malware is back again on Google Play, this time spotted in a mobile application called Color Message. The app was downloaded more than 500,000 times before its removal from the store.

Users should immediately delete Color Message from their devices to avoid being defrauded, researchers at Pradeo Security warned.

Joker is a persistent threat that’s been kicking around since 2017, hiding itself within legitimate-seeming, common application types like games, messengers, photo editors, translators and wallpapers, many of them aimed at children. But once installed, Joker apps subscribe victims to unwanted, paid premium services controlled by the attackers – a type of billing fraud that researchers categorize as “fleeceware.” Often, the victim is none the wiser until the mobile bill arrives.

In the worst cases, the apps also exfiltrate contact lists and device information and can hide their icons from the home screen – which is the case with Color Message, Pradeo researchers said, adding that the application appeared to be making connections to Russian servers.

Color Message purported to offer the ability to jazz up messaging with

Read More: https://threatpost.com/malicious-joker-app-downloads-google-play/177139/