Google eliminated 17 apps from the Play Store after it learned that they were infected with malware that is known as the Joker, or Bread. The problem was detected by cybersecurity experts at Zscaler, who found a virus capable of stealing text messages, contact lists and information from the equipment where they were housed.
Malicious apps were registered on the Play Store in September, so they were not available long enough to win a considerable number of downloads. In total, the 17 applications were downloaded about 120 thousand times. If you downloaded All Good PDF Scanner, Mint Leaf Message-Your Private Message, Unique Keyboard – Fancy Fonts and Free Emoticons, Tangram App Lock, Direct Messenger, Private SMS, One Sentence Translator – Multifunctional Translator, Style Photo Collage, Meticulous Scanner, Desire Translate, Talent Photo Editor – Blur focus, Care Message, Part Message, Paper Doc Scanner, Blue Scanner, Hummingbird PDF Converter – Photo to PDF or All Good PDF Scanner, clean your phone.
Please note that apps removed from the store were promptly disabled from the devices where they were installed, but you will still need to remove them manually.
During 2020, this is already the third action by Google against apps infected with the Joker which, according to the company, is even one of the most persistent problems it has been dealing with on the Play Store.
To deceive victims, the creators of these apps replicate the functionality of legitimate applications so as not to trigger the alarms of Google’s security scans. The apps are fully functional, ask for some sensitive permissions, but do not run any malicious software in the first days of use. The attack begins days later, which inhibits the technology to detect malicious code. This technique is called “dropper” or “loader”.
Since 2017, Google has eliminated 1,700 apps infected with this malware. However, the company knows that some others, authorized by users and downloaded through unofficial sources, have already infected various equipment. Analyst Anquanke says she has detected more than 13,000 since December 2016.