An Android malware researcher at Kaspersky is warning of a resurgence of the notorious Joker malware. In a series of posts on Twitter, Tatyana Shishkova has listed over a dozen apps which – on the surface – appear harmless but contain dangerous malware.
Joker is a particularly nasty Trojan, too. It often sits dormant in the background for a while after you install an app containing it, only later doing its dirty work. It’s nothing new: it has been a problem on Android for a long time.
It’s capable of stealing the contents of SMS messages – such as one-time security codes – and even signing you up to subscriptions for hundreds of pounds or dollars per month without you knowing.
Google has removed these apps from the Play Store already, but if you have any of the apps below installed on any of your Android devices you should remove them immediately.
- Classic Emoji Keyboard
- Battery Charging Animations Battery Wallpaper
- Battery Charging Animations Bubble Effects
- EmojiOne Keyboard
- Easy PDF Scanner
- Flashlight Flash Alert On Call
- Halloween Coloring
- Now QRcode Scan
- Dazzling Keyboard
- Smart TV remote
- Volume Booster Louder Sound Equalizer
- Volume Booster Hearing Aid
- Super Hero-Effect
As you can see, some of these apps have similar names. Shiskova warned about Battery Charging Animations Battery Wallpaper on 4 November, but although it was removed from the Play Store just a week later the similar-sounding Battery Charging Animations Bubble Effects app appeared, also infected with Joker.
The app developers and app icons aren’t the same, but the fact the format of the developer names used are so similar: Erica E. Guel and Charles M. Roseman suggests the same people are behind them. Indeed, most of this list of apps uses the same naming format.
#Joker Android Trojan on Google Play: https://t.co/kgzbO696go Nov 9, 10+ installs pic.twitter.com/FyBPETsRwA
— Tatyana Shishkova (@sh1shk0va) November 15, 2021
How can you avoid becoming a victim of Joker malware?
You’d be forgiven for thinking it was safe to download apps from the Google Play Store. Unfortunately the reality is that even Google can’t prevent malware-laden apps from slipping through its security measures.
The usual advice would be to avoid installing apps from outside of the Play Store, but that doesn’t apply here.
However, you can try to avoid installing dodgy apps in the first place by reading reviews before downloading any app. This may or may not give you an indication of whether it’s dangerous – if it’s brand new, you still won’t know.
You could opt to only install apps from trusted developers, but a better way is to use capable antivirus software on your Android phone and tablet. Some of these are free, so there’s really no excuse for leaving your devices unprotected.
Apps aren’t the only way that malware – including Joker – can get onto your device. You can also get caught out by phishing emails or messages which take you to fake login pages, such as LinkedIn, Facebook and other well-known sites. Again, antivirus software can warn you when a website isn’t the genuine article, but you should carefully read messages and check links (look at the URL they link to) before you click.
Related articles for further reading
Author: Jim Martin, Executive Editor
Jim has been testing and reviewing products for over 20 years. His main beats include VPN services and antivirus. He also covers smart home tech, mesh Wi-Fi and electric bikes.