Get ready joker is coming to haunt the audience again!!!
Here we are not talking about the Joker character of newly released movie but joker malware the latest threat emerged and are currently making vulnerable to almost half a million android devices.
According to CSIS security group brand new exclusive malware has been found in Google play store and this latest malware has been named joker.
This new joker malware is not an ordinary cyber threat which can be fixed easily. It is such a great threat which haunts the victim in their dreams. According to a security researcher Kuprins, “So far we have detected more than 24 apps with over 472,000 installs in total.”
How Joker Malware threats you?
Suppose if you have download any of the affected application in your device then you counter a problem when a splash screen frequently displayed during a various phases of initialization process occurring in the background.
The background process like obscure and AES encrypted configurations from the C&C payload distribution server.
Joker “conveys a second-arrange part, which quietly re-enacts the association with notice sites, takes the injured individual’s SMS messages, the contact rundown and gadget information,
This stealthy movement incorporates click re-enactment with a SMS accumulation module to add the capacity to enter approval codes for premium membership administrations.
Joining to premium SMS membership administrations is completely mechanized by Joker.
This system works via mechanizing the fundamental cooperation with the top-notch offer’s site page. It follow the process like entering the administrator’s offer code, at that point hanging tight for a SMS message with an affirmation code and extricating it utilizing normal articulations.
In the last demonstration, Joker presents that code on the administration website page to approve the superior membership.
Similarly, as with all great comic book motion picture side projects, the Joker malware has more than one plotline.
The second genuine outcome of introducing applications tainted with this malware is that it additionally gathers the entire phone numbers in your contact list before sending them scrambled back to the C&C server.
We should not overlook that to get those top-notch administration affirmation codes; Joker is additionally perusing all your approaching SMS instant messages.
Measures has been taken to defeat joker
Similar with the superhuman film, the trouble maker doesn’t dictate all the time. There are several factors that alleviate the effect of Joker.
To begin with, the contaminated applications incorporate a rundown of portable nation mobile codes, and just those clients whose gadgets have a SIM card from one of these nations will get that awful payload.
Most of the found applications focus on the EU and Asian nations.
The analyst likewise found that a large portion of the Joker applications include a look into the disease procedure that obstructs the payload execution if the gadget is running inside the U.S. or on the other hand Canada.
Approx. 37 nations including Australia, Belgium, Brazil, China, Egypt, France, Germany, Greece, Ireland, Italy, Kuwait, Netherlands, Norway, Poland, Qatar, Singapore, Spain, Sweden, Turkey, Joined Middle Easterner Emirates and the U.K. has been affected with Joker Malware.
Action Taken by Google
Google has figured out and removed all infected applications from play store. This is uplifting news as it demonstrates that the Google Play Ensure malware discovery, alongside Google security research group is working even with already unreported strains of malware.
The less uplifting news is that there have been already 472,000 install of the tainted applications, at any rate one of which hit 100,000, which proposes the malware assurance estimates aren’t as powerful as they could be.
All things considered, these numbers can be, and frequently are, swelled by downloading from phony records and bots as a major aspect of an “astroturfing” exercise to help the perceivability and trust of an application.
Conclusion
By going through above mentioned points we can say that this Joker Trojan is very dangerous threat.
Even the steps Google has taken to counter this problem are not desired results. It means Google bounty program is not good enough so Google needs to update its program in order to successfully tackle this situation.
Otherwise this threat cannot be fixed and another advice for users is always keep your device updated that way you can able to avoid the risk of this malware or any other threat.
Get in touch with us for more updates. Till then keep reading.
