What just happened? Joker has been i of the nearly prevalent forms of malware to appear on the Android store, and it's only been constitute hiding in another app, i that was downloaded 500,000 times. As with other Fleeceware, it signed users upwards to premium services without their knowledge.

Cybersecurity researchers at Pradeo regularly update an article identifying mobile applications bachelor on the Google Play Store infected with Joker malware. The latest entry, which came yesterday, highlighted an app called Color Message.

Color Message was ostensibly an awarding that allowed people to personalize their default SMS messages. Information technology was downloaded past 500,000 unsuspecting Android users who likely discovered its real purpose subsequently it was too late.

Joker'southward primary goal is to surreptitiously subscribe victims to premium services. It does this by simulating clicks and intercepting SMS messages. It can also steal SMS message content, contact lists, and device information

Pradeo writes that Joker can be difficult to discover as it uses very lilliputian code and conceals it thoroughly. The Colour Message app is difficult to remove as information technology can hide its own icon once installed.

As with many apps hiding malware, the negative user comments on the Play Store were a good indication of something existence incorrect. At that place's also a comment on the app'southward terms and conditions page from a user asking how to unsubscribe.

Google has at present removed Color Message, and those who accept downloaded it are advised to uninstall the application immediately.

Joker has wormed its manner onto hundreds of Play Store apps over the years, the nearly recent instance of which came in October when a fake Squid Game app downloaded thousands of times was found to contain the malware.

h/t: ZDNet