views
Android users, be very careful before downloading an app that you do not know much about. Recent reports surfacing from numerous cyber security organisations state that the Google Play Store is facing an increasing influx of advanced malware now, more than ever before. The case in point is a recent report by cyber security organisation Zscaler, whose ThreatLabZ security research team has uncovered proof that in September alone, the Play Store saw apps being uploaded with at least 17 different versions of the commonly observed Joker malware. It is this impending malware threat that makes it very important for users to exercise caution while downloading an app, and also while giving it access to phone permissions.
According to the Zscaler security report, the malware has diversified into different versions in order to bypass security measures. The report details how the malware is disguised into the source code of seemingly authentic apps. In some cases, the apps in question directly download the malware on to the phones and deploy it by asking users to give permissions to features that the app may not necessarily need. In other cases, the malware is also partially downloaded when the app is installed, and the rest of the malicious payload is downloaded in the background as additional files.
According to the security report, these 17 versions of the Joker malware alone have contributed to at least over 1.2 lakh downloads from the Google Play Store. The malicious apps in question included All Good PDF Scanner, Mint Leaf Message-Your Private Message, Unique Keyboard – Fancy Fonts & Free Emoticons, Tangram App Lock, Direct Messenger, Private SMS, One Sentence Translator – Multifunctional Translator, Style Photo Collage, Meticulous Scanner, Desire Translate, Talent Photo Editor – Blur focus, Care Message, Part Message, Paper Doc Scanner, Blue Scanner and Hummingbird PDF Converter – Photo to PDF. All of these apps have now been removed from the Play Store after Google was alerted about the malware issue.
To prevent your data from being sacrificed, be sure to not download apps that are not published by verified developers. Even when you do download an app, do check for what permissions it asks for, and if you see that an app is asking for any permission that is not explicitly required by it, that in itself is a red flag. Apps bearing the Joker malware typically get SMS access and other features, and dupe users into subscribing to services that they never signed up for.
Given the increasing levels of threat coming on the Android app store due to the increasing malware attacks, it is very important that you keep yourselves safe.
Comments
0 comment