We’ve spoken about the Joker malware before, of course. Awhile back, news emerged that a number of apps on the Google Play Store contained malware that stole social media credentials, while newer variants of the Joker virus were also hidden in various apps on the official Android app store. However, it now looks like the malware is migrating across to a brand new platform, one that was only recently created: the Huawei AppGallery.
According to a new report from Bleeping Computer, over 500,000 Huawei users have been discovered to have downloaded Joker-infected apps from the AppGallery. This malware automatically uses your device to subscribe to premium mobile services—without you knowing—with infected apps containing code to connect to a command-and-control server for instructions.
What’s worrying is that the infected apps can be difficult to detect, given the fact that many of these apps actually work as advertised (with added, unwanted functionality, of course). The apps usually also require access permissions to notifications—which allow the apps to access verification codes that are usually sent via SMS. All in all, the Joker malware can subscribe unknowing users to multiple paid services at any time—with a maximum of five at the same time.
If you want to avoid these apps (and you would, I’m guessing), Doctor Web reports that most of these come from Shanxi Kuailaipai Network Technology, with the following apps downloaded the most:
These apps have since been removed by Huawei, although if you have already installed them, be sure to manually check through your device to delete the apps, as well as associated installation packages and system files.
The Joker malware has been around for a number of years now, first emerging in 2017. It has mostly targeted apps in the Google Play Store, but with the AppGallery also listing Android mobile apps (new Huawei devices no longer have access to the Play Store or GMS), this new migration makes a degree of sense. Due to the difficulty of detecting infected apps, you’re best advised to always be on the lookout for apps that require more permissions than they should, while you should also try to avoid saving payment details in your phone if possible.
For the full report from Dr Web, click here.
Chery Malaysia has just issued a new statement following JPJ's recall notice for the Omoda…
After being out of commission for several months, the ChargEV chargers at Aeon Mall Shah…
The Kia EV9 has officially landed in Malaysia with a lower-than-expected price tag. Bookings for…
Digital Minister Gobind Singh shared today that the newly reconstituted board of Digital Nasional Berhad…
Samsung gave us a tour of its first flagship smart home showroom in Thailand, located…
[ UPDATE 4/05/2024 ] Here's how to check if your Omoda 5 is affected by…
This website uses cookies.