Google Play Store has banned 17 apps due to the widespread fear of a serious privacy breach and unauthorized access to user information. A cybersecurity company claims that these apps secretly sent personal information about their users by hosting dangerous spyware.
Zcaler’s Viral Gandhi claims that the ‘Joker malware’ was created to collect users’ private SMS messages, contacts, and device data. As an added bonus, it secretly enrolled users in paid WAP services.
According to Zscaler, about 1,20,000 copies of those 17 apps infected with the spying software were downloaded from the Google Play store.
Blue Scanner, Care Message, Part Message, Direct Messenger, Tangram Applock, Private SMS, All Good PDF Scanner, Unique Keyboard, Mint-leaf message, One sentence translator — Multifunctional translator, Hummingbird PDF converter — Photo to PDF, Paper Doc Scanner, Care Message, Style Photo College, Meticulous scanner, Desire translate, and Talent photo editor — Blur focus were all on the list of banned apps.
Many of the third-party apps available from the Google Play store are plagued by security risks like these. Six apps were previously removed from the Play Store after a cybersecurity firm reported that they contained malware. According to a blog post by Google, the Android security team has removed some 17,000 apps since the beginning of 2017.
The ‘Joker’ malware affects a wide variety of apps, creating a serious security risk for the Play Store. In fact, Google removed another group of malicious apps in July. These malicious programs employ a different method, called “Dropper,” to slip past Google’s security scan and infect the user’s device.
Consequently, when a user installs a joker-infected app on her device, it will initially only ask for permission to access the user’s sensitive information and credentials without actually doing anything dangerous; however, it will gradually drop its other components and malware through the app in order to carry out malicious activities. In the end, users need to be cautious when downloading apps and should examine the breadth of permissions, a particular application is requesting, to protect themselves from any unwelcome eavesdropping threat.
