Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store

From thehackernews.com

Android Malware

A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users’ contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge.

The latest Joker malware was found in a messaging-focused app named Color Message (“com.guo.smscolor.amessage”), which has since been removed from the official app marketplace. In addition, it has been observed simulating clicks in order to generate revenue from malicious ads and connecting to servers located in Russia.

Color Message “accesses users’ contact list and exfiltrates it over the network [and] automatically subscribes to unwanted paid services,” mobile security firm Pradeo¬†noted. “To make it difficult to be removed, the application has the capability to hides it icon once installed.”

Read more…