THE joker is one of the most prevalent malware in the Android app store. Even as Google took steps to combat the threat, it managed to bypass the company’s security checks by modifying its code. Another dreaded malware is FluBot, which claimed more than 70,000 victims in just 24 hours.

It gets inserted into fake apps from Google Play Store and can perform Premium subscriptions on services without the user’s consent and even if the program is uninstalled, the charges remain on the victim’s account. Joker is from the malware category called fleeceware.

Pradeo cybersecurity researchers regularly update the list of apps available in the Play Store store that are infected with Joker. In the last report, the program Color Message stood out.





08 Dec



03 Dec

The Color Message app allows users to customize their SMS messages. It was downloaded by over 500,000 victims on the Android system that they can’t even imagine what its true purpose is. The malware, in addition to subscribing the victim to premium services, is able to intercept the victim’s SMS messages, steal message content, contact list and even vital information from the user’s cell phone.

The agency claims that the Joker is difficult to detect as it uses few lines of code and the Color Message app is not easily uninstalled because it manages to hide its own icon after installation. As with many apps that hide malware, user comments on the Play Store page gave signs that the app was wrong. A user even asks how to cancel subscriptions made without their consent.

Google has removed Color Message from its store and recommends that whoever downloaded it, uninstall the app immediately.