Thanks Thanks:  0
Likes Likes:  5
Results 1 to 9 of 9
  1. #1
    Join Date
    Mar 2004
    Location
    Ottawa, Canada
    Posts
    36,070
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)

    Android security vulnerability in a large number of apps from the Google Store

    Android User? Delete These Apps Now
    by John Lister,
    September, 10 2019

    Nearly half a million users have been infected with "The Joker" malware through the Google Play store. The malware is particularly nasty and works by signing users up to premium services without their knowledge.

    The malware, spotted by researcher Aleksejs Kuprins, was found in 24 apps with a combined 472,000 downloads - though more apps may be found later. As of this writing, the 24 known apps have been removed from the Google Play store. (Source: techradar.com)

    Infected Apps Need to be Removed
    If you have any of the following apps installed on your phone, they should be removed immediately. The infected apps list is as follows:

    • Advocate Wallpaper
    • Age Face
    • Altar Message
    • Antivirus Security - Security Scan
    • Beach Camera
    • Board picture editing
    • Certain Wallpaper
    • Climate SMS
    • Collate Face Scanner
    • Cute Camera
    • Dazzle Wallpaper
    • Declare Message
    • Display Camera
    • Great VPN
    • Humour Camera
    • Ignite Clean
    • Leaf Face Scanner
    • Mini Camera
    • Print Plant scan
    • Rapid Face Scanner
    • Reward Clean
    • Ruddy SMS
    • Soby Camera
    • Spark Wallpaper

    Scam Happens Out Of Sight
    As is a familiar story with Android malware, most of the apps claimed to perform a simple task, and it appears the to be delivered as promised. The problem was what happened behind the scenes. The Joker malware is specially crafted to only work if the user's SIM card is registered in one of 37 countries, including the US, Brazil, Australia and most of Europe and Asia. All of these countries have mobile networks that allow users to subscribe to digital services, with the charges applied to their monthly phone service fee or taken out of a pay-as-you-go credit balance.

    The compromised apps are set up to receive encrypted instructions from a remote server, making it less likely they'll be spotted by security scans. The app will then usually display a screen with the app logo while "loading." In fact, this was when the nefarious activity was happening behind the scenes.

    Malware Scans Incoming SMS
    Once activated, the malware secretly loads a subscription page (which the user can't see) and signs up to a service. It then continues working in the background, looking for a confirmation code sent via SMS text message - something that's designed to be a security measure.

    The malware intercepts the message, copies the code and provides it to the subscription service as if the user had typed it in. The user is then hit with a monthly charge, which is usually quite small - around $7.40 USD in one case. (Source: medium.com)

    The scheme appears to be to go for a large number of victims while keeping the individual amounts small enough that there's less chance of people spotting the scam, unless they check their bills carefully.

  2. #2
    Join Date
    Aug 2017
    Location
    Winnipeg, MB
    Posts
    1,902
    Mentioned
    102 Post(s)
    Tagged
    1 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    What's ironic is google is spending an enormous amount of time and money searching for and divulging apple IOS vulnerabilities while Android is like the swiss cheese of Security with so many security holes and open attack vectors. not to mention most are distributed via their store

  3. #3
    Join Date
    Mar 2004
    Location
    Ottawa, Canada
    Posts
    36,070
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    ^^ Totally agree. They gloat when they find an iPhone vulnerability. But when they find one, Apple usually has a bug fix shipped within a day or two. Google can't make the same claim.

    And people complain about how long it takes for Apple to approve apps. This is why it takes that long.

  4. #4
    Join Date
    Aug 2017
    Location
    Winnipeg, MB
    Posts
    1,902
    Mentioned
    102 Post(s)
    Tagged
    1 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    Yep. I usually feel somewhat secure when on the extremely rare occasion I add an app to my phone. I used to think (still do) that iPhones are bloody expensive but looking at what You have to pay for a Samsung phone to have google insecurity And ET phoning home more than windows 10. I’ll be sticking with Apple and my 5S is still holding up and hopefully will hold up till one of my friends upgrades in a year or 2 and buy their phone like an iPhone 8 or maybe something better.

  5. #5
    Join Date
    Mar 2004
    Location
    Ottawa, Canada
    Posts
    36,070
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    I upgraded to an iPhone 8+ only to get a bigger screen to make it easier to read. I kept my 5SE as a backup; it's still working fine as is my son's SE. Great phone. Small, lightweight, reliable. I simply needed bigger fonts as my cataract got worse.

  6. #6
    Join Date
    Aug 2017
    Location
    Winnipeg, MB
    Posts
    1,902
    Mentioned
    102 Post(s)
    Tagged
    1 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    on the subject of mobile while on this forum... that new sidebar you added ... does weird stuff with the full site pages (old theme anyway)



    IMG_1056.jpg


    IMG_1057.jpg

  7. #7
    Join Date
    Mar 2004
    Location
    Ottawa, Canada
    Posts
    36,070
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    Okay. I've disabled it for now on mobile devices but note that that old style is hopelessly out of date. I only kept it for you.

  8. #8
    Join Date
    Mar 2004
    Location
    Ottawa, Canada
    Posts
    36,070
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    Okay. I've disabled it for now on mobile devices but note that that old style is hopelessly out of date. I only kept it for you.

    Or you could try Tapatalk...

  9. #9
    Join Date
    Aug 2017
    Location
    Winnipeg, MB
    Posts
    1,902
    Mentioned
    102 Post(s)
    Tagged
    1 Thread(s)

    Re: Android security vulnerability in a large number of apps from the Google Store

    Quote Originally Posted by David Baxter View Post
    Okay. I've disabled it for now on mobile devices but note that that old style is hopelessly out of date.
    I like it.. so Did Steve if I recall. Guess some of us old folk don't like change as much. Tried the new theme (sorry, nothing personal) but not a fan of it

    I only kept it for you.
    Thanks

    Or you could try Tapatalk...
    No Thanks ( We need to have a thumbs down thingy)
    Only Spyware allowed on my cellphone are apple default apps. Anything social or "socially helpful" not permitted.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Disclaimer: PsychLinks is not responsible for the content of posts or comments by forum members.

Additional Forum Web Design by PsychLinks
© All rights reserved.