Get rid of these apps with 300k+ installs that Google just kicked off Play Store for being dangerous

Though Google’s Play Store is supposed to be a safe source for app downloads, bad actors are getting smarter every day and finding new ways to evade measures designed to keep them out.
Cloud security company Zscaler’s research team ThreatLabz discovered numerous apps on the Play Store that were laced with Joker, Facestealer, and Coper malware families. The Google Android Security team has removed them, so if you have any of them downloaded on your Android phone, you must delete them immediately. 

Joker Android apps removed from Google Play Store

Joker was first discovered in 2019 and we have seen many variants of this spyware that stealthily subscribes people to premium services and steal text messages, contact lists, and device information, among other things. It keeps finding its way to the Play Store by regularly modifying its trace signatures. Over the past two months, the following Joker apps were found on Google’s official app store. 

  1. Simple Note Scanner
  2. Universal PDF Scanner
  3. Private Messenger
  4. Premium SMS
  5. Smart Messages
  6. Text Emoji SMS
  7. Blood Pressure Checker
  8. Funny Keyboard
  9. Memory Silent Camera
  10. Custom Themed Keyboard
  11. Light Messages
  12. Themes Photo Keyboard
  13. Send SMS
  14. Themes Chat Messenger
  15. Instant Messenger
  16. Cool Keyboard
  17. Fonts Emoji Keyboard
  18. Mini PDF Scanner
  19. Smart SMS Messages
  20. Creative Emoji Keyboard
  21. Fancy SMS
  22. Fonts Emoji Keyboard
  23. Personal Message
  24. Funny Emoji Message
  25. Magic Photo Editor
  26. Professional Messages
  27. All Photo Translator
  28. Chat SMS
  29. Smile Emoji
  30. Wow Translator
  31. All Language Translate
  32. Cool Messages
  33. Blood Pressure Diary
  34. Chat Text SMS
  35. Hi Text SMS
  36. Emoji Theme Keyboard
  37. iMessager
  38. Text SMS
  39. Camera Translator
  40. Come Messages
  41. Painting Photo Editor
  42. Rich Theme Message
  43. Quick Talk Message
  44. Advanced SMS
  45. Professional Messenger
  46. Classic Game Messenger
  47. Style Message
  48. Private Game Messages
  49. Timestamp Camera
  50. Social Message
All in all, more than 50 Joker downloader apps have been found on the Play Store by ThreatLabz till now with a combined download count of more than 300,000. They usually fall in the Communication, Health, Personalization, Photography, and Tools categories.

The mode of attack is that many apps are released together and hide within them a malicious payload. The Joker malware often hides in messaging apps that require you to grant escalated access permissions. It then uses those permission to achieve its motives. For instance, in the Enjoy SMS app, the payload is hidden in an obfuscated path. 

Facestealer malware

Facestealer malware is used to steal Facebook credentials with fake login screens. One of the apps that ThreatLabz came across was cam.vanilla.snapp and it has been downloaded more than 5,000 times.

Coper trojan

This banking trojan uses a multi-stage infection chain to compromise Android smartphones and run harmful activities. It targets banking apps in Europe, Australia, and South America. They are disguised as legitimate apps and once a user downloads them from Google’s Play Store, they unleash the malware infection capable of intercepting and sending SMS messages, keylogging, locking and unlocking screens, preventing uninstalls and allowing bad actors to take control of infected phones. This ultimately leads to the perpetrators gaining access to the information they need to rob victims of their money.

For instance, an app called Unicc QR Scanner prompts users to update the app as soon as it is installed. After that, a backdoor or malware is installed in the device to help the attacker gain full control of the phone.

Such apps keep popping up on the Play Store and even Apple’s app store, so it’s best to be vigilant and only install apps that come from trusted developers and have been downloaded many times. To be on the safe side, you should also go through the reviews posted about the apps. 
It’s recommended not to install messaging apps. You should also avoid granting notifications listener and escalated accessibility permissions to apps that look shady. 


Join Our Telegram Channel For Free Giveaways

Leave a reply