Joker, Facestealer, and Coper Malware Rampant in New Play Store Apps

The Play Store is considered a safe and trusted storefront where Android users can discover, download, and install apps. However, harmful apps still find ways to slip past its security measures.

Zscaler ThreatLabz and Pradeo found that many new apps on the Play Store are malware-laced. They use Joker, one of the most prominent malware families, to target Android devices. 

Although Google has taken all the steps necessary to discover such apps, the malware seems to get by the security checks because its trace signature keeps being modified. Doing so includes updating the code, the payload-retrieving techniques, and the execution method.

Joker is categorized as fleeceware: it can subscribe users to unwanted paid services, make calls to premium numbers, gather SMS messages, gather data from contact lists, and more. This malware was first found in Play Store apps in 2017.

Recently, the two cyber security firms, Zscaler ThreatLabz and Pradeo, found 52 Joker downloader apps, which have cumulatively been downloaded over 330,000 times. These apps are hard to identify because they often pose as photo editors, emoji keyboards, and translation apps.

Most malware apps pose as other apps and switch to a malware-laced version after several installs and reviews. However, Joker developers have hidden the malware in common asset files and package applications. Through this new tactic, the malware manages to persist and does not need to be changed later on.

Facestealer and Coper malware were also discovered in a few Play Store apps. The former allows the operator to extract Facebook credentials, and the latter functions as a banking trojan designed to steal a large variety of data.

Although the findings are disappointing on Google’s part, they can help the company find new tactics to keep fleeceware at bay. At the same time, users should stay vigilant and avoid downloading apps that ask for unnecessary permissions and have few reviews.

Abdul Wahab is a Software Engineer by profession and a Tech geek by nature. Having been associated with the tech industry for the last five years, he has covered a wide range of Tech topics and produced well-researched and engaging content. You will mostly find him reviewing tech products and writing blog posts. Binge-watching tech reviews and endlessly reading tech blogs are his favorite hobbies.