Trending

Stories

Malware Found in Google Play Store Affected Millions of Devices

Tidio Live Chat Software - Add Tidio live chat software to your website in minutes. Contact visitors and turn them into happy customers. Enhance their experience and boost your sales. Get it for Free

WP Rocket - WordPress Caching Plugin

Must Read

As we all know, Google has already removed 17 apps from Play Store after they were found infected by Joker or Bread malware. The cloud security company Zscaler apparently found malicious apps and immediately reported them to Google. However, the reports show that the infected apps were downloaded around 1.2 lakh times by that time, and millions of users are possibly affected by them.

According to Viral Gandhi, a security researcher from Zscaler, these apps were infected by the Joker aka Bread malware which opts to steal user information and register them to WAP services at the same time.

Also Read

He said:

This spyware is designed to steal text messages, contact lists, and device information. At the same time, it is quietly registering victims for advanced wireless application protocol (WAP) services.

Elegant Themes - The most popular WordPress theme in the world and the ultimate WordPress Page Builder. Get a 30-day money-back guarantee. Get it for Free

Now, what is these WAP services? WAP or Wireless Application Protocol is an application environment and set of communication protocols for wireless devices designed to enable manufacturer – vendor and technology-independent access to the internet and advanced telephony services. By registering for this service, user information becomes freer to access.

After getting the reports from Zscaler, Google deleted these apps from its official Play Store. In order to stop this kind of malware, the tech giant also introduced the Play Protect disable service. However, users still need to intervene to delete these applications from the device manually.

How Joker affects Google?

Joker aka Bread is known for conducting billing frauds by intercepting SMS to subscribe to unwanted paid services. It disguises itself as legitimate apps and makes purchases using WAP billing on behalf of users without them knowing about it. This is the third time the Google security team has recently dealt with Joker-infected applications.

Joker has become more of a subject of irritation to the tech giant of which they can’t seem to get over. Previously, Google deleted 6 infected apps, and in July. Google security researchers also found a batch of applications infected by Joker. As per the reports, this batch of the virus has been active since March and has successfully infected millions of devices.

According to Google, these infected applications use a technique called ‘droppers’ which is very simple, but difficult to defend. This technology allows the infected application to bypass Google’s security defense system, go directly to the Play Store and finally infect the user’s device in multiple stages.

The stages of infecting a device combine multiple processes. First, the creator of the malware will clone the legitimate application function and upload it to the Play Store. This clone application works the same as the original one and can request access. However, it will not perform any malicious operations the first time it runs. Google is unable to detect any malicious codes from these applications as their operations are often delayed for hours or days.

Once the user installs this application, it eventually downloads or drops other components or applications containing Joker malware or malicious software. This puts the user’s personal information into danger.

Google has already informed that Joker is one of the persistent malware they have been dealing with for quite a while. It has also stated that its security team has removed more than 1,700 applications from the Play Store since 2017. Though this kind of malware is difficult to remove, users can avoid them by staying alert when installing applications with broad permissions.

So, next time when a particular application lookout for suspicious permissions like SMS messages, contacts or call logs; make sure to check if it is infected or not.

iThemes WordPress Hosting

Stay updated

Subscribe to our newsletter and never miss an update on the latest tech, gaming, startup, how to guide, deals and more.

Latest

Stories

- Advertisement -
- Advertisement -

Latest

Grow Your Business

Place your brand in front of tech-savvy audience. Partner with us to build brand awareness, increase website traffic, generate qualified leads, and grow your business.

- Advertisement -

Grow Your Business

Get these business solutions, tools and services to help your business grow.
Elementor

Elementor -Join 5,000,000+ Professionals Who Build Better Sites With Elementor. Build your website with 100% visual design that loads faster and speeds up the process of building them.

WP Rocket

WP Rocket - Speed up your website with the most powerful caching plugin in the world. The website speed increase means better SEO ranking, user experience, and conversation. It’s a fact that Google loves a fast site.

Kinsta

Kinsta - If you are looking for WordPress managed hosting, Kinsta is in the leading front. Kinsta provides WordPress hosting for a small or large business that helps take care of all your needs regarding your website with cutting-edge technology.

OptinMonster

OptinMonster - Instantly boost leads and grow revenue with the #1 most powerful conversion optimization toolkit in the world. 700,000+ websites are using OptinMonster to turn their traffic into leads, subscribers, and sales.

Related

- Advertisement -
- Advertisement -
Tesla Records Double Net Profit in 2022 India to Produce Upcoming iPhones: Trade Minister Japanese Professor Developed A Power Semiconductor made of Diamond Google Releases New Product for India’s Merchants Indian EV Startup Unveil Two AutoBalancing Electric Scooters OPPO Find X6 Pro Images Render via Weibo Sony Develops New Tech to Reduce Noise of Image Sensors Tesla’s S & Y Models Earn Best-in-Class Cars of 2022 India Approved $320m to Promote Homegrown Payments Network Twitter Roll Out TikTok-like ‘For You’ Timeline on iOS
Nothing Phone Enters US with Beta Membership Program Finally! Apple’s VR Headset Coming this Spring Harvard Scientists Develop New Cell Therapy to Kill, and Prevent Brain Cancer HTC Vive XR Elite VR/AR Headset Now Selling for $1099 Realme 10 Launched in India with Helio G99 Gaming Chipset Twitter Data Breach Revealing User’s Private Information Instagram New Feature to Create Albums With Friend Redmi Note12 Pro Plus Launched in India