A New Joker Malware App Has Been Downloaded by More than 500,000 Android Users

The Joker Malware on Android

More than half a million people have downloaded a malicious Android app from the Google Play store that secretly sends users’ contact details to an attacker-controlled server and signs them up for unwanted paid premium memberships.

The popular messaging app Color Message was detected with the latest Joker malware

Color Message (com.guo.smscolor.amessage), a popular messaging app, was found to contain the newest Joker malware, which has been observed imitating user clicks and connecting to Russian servers in order to monetize these activities and gain revenue from malicious ads.

According to mobile security company Pradeo, the compromised Color Message app exfiltrates users’ contact information and automatically subscribes them to unwanted premium services. Once installed, the app can conceal its icon to hinder its removal. The app has since been removed from the official app store.

Color Message’s creators declare in their terms and conditions that they are dedicated to ensuring that the software is as helpful and efficient as possible. They also declare that they are free to make adjustments or charge for the app’s services at any moment for any reason. However, they state that it is their policy never to charge users for the app or its services unless they make it crystal clear precisely what users are getting for their money.

First discovered in 2017, Joker (also known as Bread) is a notable piece of fleeceware that has been reported to perform a wide range of harmful activities, including billing fraud and the secret interception of SMS messages, contact information, and device information without the users’ knowledge.

Android’s Security and Privacy Team noted that the malware’s developers have been using a very creative set of sophisticated cloaking and obfuscation methods to go undetected and bypass Google Play protections.


About the author

Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her focus on simplicity and well-researched information provides users with easy-to-follow IT-related tips and step-by-step tutorials.
