Applications are hit, Spotted by security researchers from Zscaler, with the harmful Joker software, also known as Bread.
This fraudulent software is designed to steal SMS messages, contact lists, and device information, as well as covertly record the victim for paid WAP services.
The malicious apps were downloaded to the official Google store this month, and were downloaded more than 120,000 times before they were discovered.
- All Good PDF Scanner
- Mint Leaf Message-Your Private Message
- Unique Keyboard – Fancy Fonts & Free Emoticons
- Tangram App Lock
- Direct Messenger
- Private SMS
- One Sentence Translator – Multifunctional Translator
- Style Photo Collage
- Meticulous Scanner
- Desire Translate
- Talent Photo Editor – Blur focus
- Care Message
- Part Message
- Paper Doc Scanner
- Blue Scanner
- Hummingbird PDF Converter – Photo to PDF
- All Good PDF Scanner
Google, following its internal procedures, removed the applications from its store, and it used the (Play Protect) service to disable the applications on the affected devices, but users still need to remove the applications from their devices.
And represent This removal is the third measure of its kind from the Google security team against a group of apps infected with the Joker malware over the past few months.
Google removed 6 of these applications at the beginning of the month after they were monitored by security researchers, while the search giant removed it in July. Another group of apps infected with the Joker software.
The batch of apps removed in July had been active since March and infected millions of devices.
And resort to these infected applications usually to the use of technology called: “Droppers” in order to bypass the defenses of Google and access to the Android application store, where the victim’s device is infected in a multi-stage process.
From Google’s perspective, it is difficult to defend against this technology despite its simplicity, Where Malware developers mimic the functionality of a legitimate app while uploading it to Google Play.
This app works normally, and requests access to dangerous permissions, without performing any harmful actions when it is first launched.
And given that malicious actions are usually delayed for hours or days, Google’s security checks do not capture the malicious code, and Google usually allows the app to be listed on its store.
Once the application accesses the user’s device, it downloads the components and infects other applications on the device with the joker malware or other malicious software.
Google was published in January Post In it, the Joker software was described as a threat Most persistent and advanced I have dealt with in years past.
Google said: Its security teams have removed more than 1,700 applications from its store since 2017.