Google has recently removed 17 apps from the Play Store after discovering they were infected with the Joker malware. The move should help to prevent new infections.
If you own an Android smartphone, you should urgently check to see if you have any of the following apps installed:
- All Good PDF Scanner
- Mint Leaf Message-Your Private Message
- Unique Keyboard – Fancy Fonts & Free Emoticons
- Tangram App Lock
- Direct Messenger
- Private SMS
- One Sentence Translator – Multifunctional Translator
- Style Photo Collage
- Meticulous Scanner
- Desire Translate
- Talent Photo Editor – Blur focus
- Care Message
- Part Message
- Paper Doc Scanner
- Blue Scanner
- Hummingbird PDF Converter – Photo to PDF
- All Good PDF Scanner
If you are using one of these apps, you are at severe risk of being defrauded – you must delete it immediately.
What’s so unfunny about Joker?
Once installed, the Joker malware immediately begins spying on your phone, stealing information and sending it back to the hackers remotely. Joker copies SMS text messages and contact lists, providing criminals with sensitive personal information that can be used for identity theft, fraud or to launch other hacking activities.
Even more worrying, Joker can automatically enrol infected devices for premium wireless application protocol (WAP) services. These subscriptions could cost hundreds of Euros per month – all billed to your account.
How to defend against Joker
Joker malware has been designed to be extremely hard for Google to detect, which is why these infected apps have been successfully uploaded to the Play Store. The Google security team remove infected apps as quickly as they are discovered, but there are some things you can do to protect yourself too.
First, always have antimalware installed on your smartphone and ensure that you regularly scan for infections. You can download a free version of Panda antivirus for Android here.
Second, you will need to pay closer attention to what the apps on your phone actually do. When you launch an app for the first time, Android will alert you to what the app is trying to do. The app may request access to your camera, address book, SMS messages etc.
When you see these prompts ask yourself – “Does this app really need access to my messages or address book?” The app may claim that access to messages is required to share your pictures for instance – but you can always save to the built-in Google Photos app and send from there.
And do you really need a “special” messaging app? SMS, WhatsApp, Facebook Messenger, Telegram are safe and popular – and they are not infected with malware either.
Always read the messages
Always take a few seconds to read any alerts when installing apps as they often reveal something unexpected – and unwanted – may be happening. If you are ever unsure, or you have any doubts at all, simply deny the request or uninstall the app entirely.
Joker is an extremely clever piece of malware that has claimed thousands of victims. However, by following the tips outlined here, you can reduce your chances of being one of them.