We’ve spoken about the Joker malware before, of course. Awhile back, news emerged that a number of apps on the Google Play Store contained malware that stole social media credentials, while newer variants of the Joker virus were also hidden in various apps on the official Android app store. However, it now looks like the malware is migrating across to a brand new platform, one that was only recently created: the Huawei AppGallery.
According to a new report from Bleeping Computer, over 500,000 Huawei users have been discovered to have downloaded Joker-infected apps from the AppGallery. This malware automatically uses your device to subscribe to premium mobile services—without you knowing—with infected apps containing code to connect to a command-and-control server for instructions.
What’s worrying is that the infected apps can be difficult to detect, given the fact that many of these apps actually work as advertised (with added, unwanted functionality, of course). The apps usually also require access permissions to notifications—which allow the apps to access verification codes that are usually sent via SMS. All in all, the Joker malware can subscribe unknowing users to multiple paid services at any time—with a maximum of five at the same time.
If you want to avoid these apps (and you would, I’m guessing), Doctor Web reports that most of these come from Shanxi Kuailaipai Network Technology, with the following apps downloaded the most:
These apps have since been removed by Huawei, although if you have already installed them, be sure to manually check through your device to delete the apps, as well as associated installation packages and system files.
The Joker malware has been around for a number of years now, first emerging in 2017. It has mostly targeted apps in the Google Play Store, but with the AppGallery also listing Android mobile apps (new Huawei devices no longer have access to the Play Store or GMS), this new migration makes a degree of sense. Due to the difficulty of detecting infected apps, you’re best advised to always be on the lookout for apps that require more permissions than they should, while you should also try to avoid saving payment details in your phone if possible.
For the full report from Dr Web, click here.
Edaran Tan Chong Motor (ETCM) has announced that the Nissan Kicks e-Power is now open…
TikTok in partnership with Communications and Multimedia Content Forum of Malaysia (CMCF) have recently organised…
Tesla owners in Malaysia have reported that their vehicles can now perform the Autopark feature.…
After unveiling its latest smartphones, the Asus ROG Phone 9 series, to the world, Asus…
WhatsApp has introduced a new Voice Message Transcripts feature which allows users to easily convert…
This post is brought to you by Maybank. Unlock more than just transactions with MAE’s…
This website uses cookies.