Android smartphone owners need to double check they haven’t accidentally installed a nefarious and infamous piece of malware which can seriously cost them a lot of money. The Joker malware is one of the most notorious hacking tools around, with this malicious software capable of signing Android users up to expensive subscription services that can end of costing them hundreds of pounds each month. Ever since the Joker malware was first detected in 2019, it has become a go-to choice for bad actors targeting Android devices. And now the infamous piece of software has been found on an app downloaded over 500,000 times from the Google Play Store.
The app in question is known as Color Message, and it looked innocuous enough at first glance – claiming to make SMS texting a more “fun and beautiful” with new emojis and more.
But, as researchers from Pradeo found, what Color Message offered was anything but “fun and beautiful” – as the app was merely a ‘fleeceware’ tool designed to steal money from unsuspecting users.
And, to make matters worse, besides signing users up covertly to expensive subscription services the study found Color Message also extracted users’ contact list and sent this sensitive information to Russia.
Pradeo’s Roxane Suau wrote: “Our analysis of the Color Message application through the Pradeo Security engine shows that it accesses users’ contact list and exfiltrates it over the network. Simultaneously, the application automatically subscribes to unwanted paid services unbeknownst to users. To make it difficult to be removed, the application has the capability to hides it icon once installed.”
When the cybersecurity firm published its findings on Thursday December 16, they said the app was still available on the Google Play Store. Thankfully, since then, the software has been removed after ArsTechnica got in touch with Google about the threat.
However, while the app has been delisted from the Play Store that won’t help the hundreds of thousands of people that already have downloaded the app onto their Android phone.
If you’re among the over 500,000 people that have downloaded Color Massage then make sure you delete the app immediately.
You can delete it by opening the Google Play Store then heading to Menu > My Apps & Games. The select the compromised app and choose uninstall.
However, uninstalling an app loaded up with Joker won’t be enough to cancel any subscriptions you’ve secretly been signed up to.
To cancel any expensive subscriptions you didn’t agree to, open the Google Play Store once again. Make sure you’re logged into your account then head to Menu > Subscriptions.
Look over all of the premium subscriptions you’re signed up for and if you find any that are suspicious select it and then choose cancel subscription. You will then need to follow the on-screen instructions.
www.express.co.uk
Leave a Reply