We’ve spoken about the Joker malware before, of course. Awhile back, news emerged that a number of apps on the Google Play Store contained malware that stole social media credentials, while newer variants of the Joker virus were also hidden in various apps on the official Android app store. However, it now looks like the malware is migrating across to a brand new platform, one that was only recently created: the Huawei AppGallery.
According to a new report from Bleeping Computer, over 500,000 Huawei users have been discovered to have downloaded Joker-infected apps from the AppGallery. This malware automatically uses your device to subscribe to premium mobile services—without you knowing—with infected apps containing code to connect to a command-and-control server for instructions.
What’s worrying is that the infected apps can be difficult to detect, given the fact that many of these apps actually work as advertised (with added, unwanted functionality, of course). The apps usually also require access permissions to notifications—which allow the apps to access verification codes that are usually sent via SMS. All in all, the Joker malware can subscribe unknowing users to multiple paid services at any time—with a maximum of five at the same time.
If you want to avoid these apps (and you would, I’m guessing), Doctor Web reports that most of these come from Shanxi Kuailaipai Network Technology, with the following apps downloaded the most:
These apps have since been removed by Huawei, although if you have already installed them, be sure to manually check through your device to delete the apps, as well as associated installation packages and system files.
The Joker malware has been around for a number of years now, first emerging in 2017. It has mostly targeted apps in the Google Play Store, but with the AppGallery also listing Android mobile apps (new Huawei devices no longer have access to the Play Store or GMS), this new migration makes a degree of sense. Due to the difficulty of detecting infected apps, you’re best advised to always be on the lookout for apps that require more permissions than they should, while you should also try to avoid saving payment details in your phone if possible.
For the full report from Dr Web, click here.
Jaecoo J5 EV has made its first official appearance in Malaysia, allowing the public to…
If you're heading to Cameron Highlands with an EV, there are now more EV charge…
ChargEV continues to deploy more EV chargers at Aeon Mall premises. Shortly after turning on…
Malaysia's electric vehicle (EV) market continue to show strong momentum in June 2026, with 6,215…
Mercedes-AMG has unveiled the new CLA 45 4MATIC+, and for the first time, it is…
Tesla Malaysia has removed the Model Y Long Range AWD from its online configurator, leaving…
This website uses cookies.