KEY POINTS

  • Android users should immediately delete these seven apps from their devices
  • A security expert discovered some apps are infected with the Joker malware
  • Google has reportedly already removed the infected apps from the Play Store

Owners of Android devices are advised not to download several apps on Google Play Store as they have been found carrying the dreadful Joker malware--a malicious software capable of emptying consumers' digital wallets and bank accounts.

Android malware analyst at Kaspersky, Tatyana Shishkova, disclosed on Twitter the name of the apps believed to be infected by the notorious Joker malware. Search engine giant Google has already removed the apps from the Play Store.

However, consumers who have downloaded and installed these apps should uninstall and delete them from their Android devices as soon as possible.

These benign but Joker-laden apps include Now QRcode Scan, EmojiOne Keyboard, Battery Discharging Animations Battery Wallpaper, Dazzling Keyboard, Volume Booster Louder Sound Equalizer, Super Hero-Effect, and Classic Emoji Keyboard. 

Malware A growing number of ready-made exploit kits known as EKs are using deceptive fileless attacks creating bigger challenges to defenders and compromising victims. Photo: Christoph Scholz/Flickr

The EmojiOne Keyboard had the most downloads of these seven apps; it had more than 50,000 installs when it was removed from the Google Play Store.

This is not the first time that the public has heard about the Joker malware.

Unlike other malicious software making rounds these days, the Joker can cause a lot of damage. At first, the malware stays undetected and since it is a spyware Trojan malware, its primary aim is to authorize operations without the owner's consent.

Most of its victims had lost a lot of money before discovering they had fallen prey to the awful malware. A similar software was found in 2017 and malicious actors had used it for SMS fraud.

The later versions of the malware targetted billing fraud that included threat actors executing injected clicks, SMS receivers and custom HTML pareses to orchestrate billing processes without the user's knowledge. Recently, the Joker malware was discovered to involve subscribing users to premium mobile services without their consent.

Google has the Play Protect technology that it hopes will soon catch these infected apps and provide automatic protection to users. "Google Play Protect checks apps when you install them. It also periodically scans your device. If it finds a potentially harmful app, it might send you a notification,... disable the app until you uninstall it, [or] remove the app automatically," according to the search engine giant.