Breaking into users’ devices via malicious applications is one of the common tactics used by malware authors. Recently, security experts from Pradeo uncovered a malicious mobile app available for download on Google Play, which was installed by more than 500,000 Android users. The malicious app, dubbed Color Message, reportedly infects the targeted devices with Joker malware. The application is suspected to be linked to Russian servers.
“Our analysis of the Color Message application through the Pradeo Security engine shows that it accesses users’ contact list and exfiltrates it over the network. Simultaneously, the application automatically subscribes to unwanted paid services unbeknownst to users. To make it difficult to be removed, the application has the capability to hides it icon once installed,” Pradeo said.
Color Message Installs Joker
The Joker malware, which first surfaced in 2017, is categorized as fleeceware. It was one of the most commonly infected types of Android malware used in carrying-out billing frauds and spying. It was extensively used in stealing SMS messages, contact lists, and device information. Since then, the Joker malware has been prevalent in several cybercriminal activities under various names.
Also Read: How to Secure Your Mobile Apps
The main activity of Joker malware is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unrecognized to users. Pradeo researchers stated that Joker malware extends its reach discreetly, evading security scans.
“The application’s very concise terms and conditions are hosted on an unbranded one-page blog and do not disclose the extent of the actions the app can perform on users’ devices. One of the victims has even tried reaching out to the application’s developer through the comment section of the legal page, other users are directly complaining about the fraud in the comment section of the app on the store,” Pradeo added.
How to Spot Malicious Apps
Even with multiple security checks and scans in place, several counterfeit and malicious apps remain undetected and make their way to the Play Store. Here are a few security tips to spot fake and malicious mobile applications:
- Check for Discrepancies in the App Icon
- Observe App and its Developer’s Name
- Watch the Download Count
- Screenshots and Reviews
- App Publish/Update Date and Permissions
Read our detailed report here…
