In the soon-to-be-released Joker movie, Joaquin Phoenix plays Arthur Fleck as he morphs into the complex, twisted and downright scary character we know from the Batman comic books and films. Back in the real world, security researchers have warned that a complicated, twisted and scary piece of Android malware called Joker has already been downloaded nearly half a million times from the Google Play store.
Joker malware: why so serious?
Hot on the heels of the Check Point Research revelation that 1.25 billion Android users are at risk from an “update settings” exploit, comes news of another scary Android threat.
Aleksejs Kuprins, a security researcher at independent cybersecurity threat intelligence specialists CSIS Security Group, has revealed that a new Android Trojan has been observed within the Google Play store for a couple of weeks now. “So far, we have detected it in 24 apps with over 472,000 installs in total,” Kuprins said.Today In: Innovation
Getting its name of Joker from one of the command and control (C&C) servers uncovered by CSIS researchers, this is an appropriately scary bit of malware. If you download one of the compromised Android apps, then more often than not, a splash screen will be displayed while various initialization processes take place in the background. These include the downloading of an obfuscated and AES-encrypted configuration from the C&C payload distribution server. Joker “delivers a second-stage component, which silently simulates the interaction with advertisement websites, steals the victim’s SMS messages, the contact list and device info,” Kuprins warned.
Read the full story at Forbes.com