Google recently disabled 16 Android apps infected with Joker malware, but only users can uninstall them.
One of the most persistent pieces of malware targeting Android devices has reared its head again, this time appearing in 16 apps on the Google Play Store.
As security company Zscaler explains, the apps in question were infected with the Joker malware. It steals SMS messages, contact lists, and device information, but the most serious threat it poses to users is automatic sign-ups to premium wireless application protocol (WAP) services. With WAP billing, users get a shock next time they receive their mobile phone bill as the service costs are charged directly to it.
The Joker malware circumvents the Google Play app vetting process through a combination of code tweaks, execution method variation, and changes to how it downloads the payload allowing it to function, steal information, and trigger the WAP service sign-ups. Google has removed the 16 infected apps from the Play Store and disabled them on devices where they are installed, thought to be in the region of 120,000 devices. The list of apps includes:
–> All Good PDF Scanner
–> Blue Scanner
–> Care Message
–> Desire Translate
–> Direct Messenger
–> Hummingbird PDF Converter – Photo to PDF
–> Meticulous Scanner
–> Mint Leaf Message-Your Private Message
–> One Sentence Translator – Multifunctional Translator
–> Paper Doc Scanner
–> Part Message
–> Private SMS
–> Style Photo Collage
–> Talent Photo Editor – Blur focus
–> Tangram App Lock
–> Unique Keyboard – Fancy Fonts & Free Emoticons
Editors’ Note: This list initially included 17 apps, but Zscaler has since confirmed that one of the apps was placed on the list twice in error. We’ve reached out to clarify whether it will be replaced with a 17th or if the list stands at 16.
As ZDNet reports, the one thing Google can’t do, however, is remove the (now disabled) apps from a device. That task is left up to the user. If you have any of these apps installed, simply open Settings on your device, open Apps, find the app in the list, select it, and tap uninstall. You’ll know the uninstallation is complete when Android reloads the list of apps. Rinse and repeat the process if you have more than one of the apps listed above installed.
As the Joker malware is so difficult to thwart, it seems unlikely this is the last time we’ll hear about infected apps being removed from the Play store. If you’re unsure about installing a new app, do some checking first. A quick search for the app name could reveal it’s one to avoid or perfectly safe to install and use.