Half a Million Huawei Users Infected with Joker Malware
The security firm revealed that the security issues regularly come with new versions and modifications of malware. Earlier it was discovered in 2019. Doctor Web, said, Joker malware is a malicious code hidden as a system app. It allows the hackers to do anything on the device like it can disable the Google Play Protect service, install malicious apps, show ads, create fake reviews, and more. It can also steal SMS messages, contact lists, sign-up details, device information, and other personal data. All the malicious apps work as the original one, however, the security researchers said that they stayed below the radar without being detected by the user. The malware was available in virtual keyboards, a camera app, a launcher, sticker collection, a game, and more. Dr. Web says, eight of these infected apps were published by “Shanxi kuailaipai network technology co., ltd” and the other two apps were published by developer “何斌”. Below is the list of infected apps on Huawei AppGallery: Once the Huawei user download any of these apps, the malware is executed and it connects to the C&C server. With this, it receives all the important configurations and downloads and launches any additional components. This component is subscribed to the Android device automatically. Then the app asks for accessing notifications to intercept incoming SMS for premium services with the confirmation codes. However, Dr. Web reported the issue to Huawei, which then removed the apps from AppGallery. But if you have installed any of the malicious apps then you need to remove it manually from your device. You can check out the full list of apps with all the details here. Joker malware also infected 24 apps on the Official Play Store in 2019, however, Google removed those apps.
