We all know how important it is to be careful when downloading apps onto our cell phones. In fact, in this mobile age, it is drummed into us to a similar extent to looking both ways when crossing the street. To push that parallel a little further, we are also told that downloading from the App Store or Google Play is the equivalent to using a pedestrian crossing. However, recent events have shown that even here, a 40-ton truck can occasionally come thundering through when the green light is saying it’s safe to cross.
In this case, the truck is the Joker malware and the pedestrian crossing is the Play Store. Google has rushed to remove six apps that contain the trojan – but preliminary indications suggest that up to a quarter of a million users have already installed the apps on their phones.
What is the Joker?
The Joker malware is nothing new. It first cropped up in 2017, and has since bubbled to the surface on a handful of occasions, making it one of the most notorious types of Android malware. By stealing device information, SMS messages and contact lists, it has been used to perpetrate various forms of billing fraud. For example, it can simulate clicks on your smartphone to sign you up for premium paid services without your knowledge.
As is the case with burglary or car theft, as security develops, so the criminals have to get smarter. In the case of cybercrime, this has meant some innovative thinking from the hackers, who seem to have used a strategy called versioning. Essentially, this means they infiltrate the app but do not add the malware at first. So initial releases are clean, trust is established and then when an update is released, the malicious code is added.
Which apps are affected?
Most recently, Google removed 17 apps that had the Joker malware. These are less of a worry, however, as they had only been available for a very short time, so only small numbers of downloads had taken place. Of more concern are the six apps removed for the same reason a week earlier, as these are believed to have had more than 200,000 downloads between them. The apps in question are as follows:
- Convenient Scanner 2
- Safety Applock
- Push Message (Texting and SMS)
- Emoji Wallpaper
- Separate Doc Scanner
- Fingerprint Gamebox
No app is invulnerable
It is important to understand that the apps themselves are not necessarily to blame, and that usually, the developers have no knowledge of the malware they are unwittingly harboring. Malware can find its way into even the most popular apps. In 2018, the Man in the Disk flaw exposed Fortnite users to potential hacking due to the way the game saves data to a device’s external storage. It essentially allows an app to substitute a genuine APK game file with malware. Tiktok has also hit the headlines for all the wrong reasons, with hacktivists issuing warnings on social media that the app is riddled with spyware.
Google on constant alert
The popularity of mobile games makes them a natural target for hackers, so Google and, to a lesser extent, Apple, face an ongoing challenge to ensure the apps they are offering up are clean and safe. Last year, the spotlight fell on gambling apps, when literally hundreds of Chameleon apps were removed from their sites. Interestingly, Apple’s App Store was hit even harder than Google Play with these kinds of attacks.
Chameleon apps are ones that appear to be one thing, but then switch to something else. In these cases, gambling apps were masquerading as something quite different. But in a number of cases, the fakes actually had higher ratings and more downloads than the apps they were imitating.
Gambling apps present a challenge from a security perspective at the best of times, as ostensibly, neither Google Play nor the App Store list them. This is due to the regulatory complexities, as money gaming is not legal in all nations and jurisdictions. Where they are allowed, they are hugely popular, so it is essential that players research their options carefully before downloading from third party sites. There is plenty of help out there, for example this is a useful guide that assesses trustworthy mobile casino sites and apps in the Canadian market. There are similar resources for other gambling-friendly locations.
How to ensure you are clean
Are you worried you might be among the quarter of a million people who have unwittingly installed a mobile app containing the Joker malware? If so, there are some simple steps you can take to ensure you, your phone and your data are safe and secure.
First and foremost, if you have installed any of the apps mentioned earlier, you should remove them immediately. This will lock the door, but what if the burglar is already in the house? Signs that the Joker malware might be present include slow running, increased data and battery use and, most significantly, the sudden appearance of dubious applications or unusually intrusive advertisements.
Even if there are none of these obvious signs, it is still a wise security precaution to scan your device with a good quality anti-malware app. There are plenty to choose from, and paying a little money is worthwhile. Bitdefender, Avast and ESET are popular choices.
Of course, there is truth in the old saying that prevention is better than cure. We outlined some advice earlier on how to reduce exposure through checking reviews and only installing software from reputable sources. But as the Google Play examples have demonstrated, that only mitigates the risk, it does not eliminate it.
You should still look left and right before stepping into the street, even if you have a green light, and likewise, it pays to remember those golden rules of cybersecurity that are so familiar. Never open dubious email attachments, even if they purport to come from someone you know or trust. Be cautious about clicking url links from unknown sources. Avoid downloading apps through third party platforms like Torrent or eMule. Instead, get them directly from the provider if, as in the case of casino or gambling apps, they are not available from Google Play or the App Store.
Most important of all, keep your wits about you. Give your device regular scans and health checks, and make sure apps are updated when they need to be. Finally, a regular clear-out is never a bad thing. Get rid of those apps you used once then forgot about. It will reduce your exposure and help your phone run faster, so call it a win-win!