A terrifying Android scam is back, and here’s what to do to avoid it

One of the worst threats facing Android users is making an unwelcome resurgence, security experts warn. The nasty threat, dubbed Joker, is designed to sign Android users up for premium – and hugely expensive – subscriptions behind their backs. That’s the warning from the team at Zimperium, who work with Google to prevent infected apps from being downloaded to smartphones.

The security researchers say they have witnessed a “big rise” in apps loaded with the nasty Joker malware. Most of the applications associated with this threat pose as legitimate apps that provide users with fun photo filters, games, wallpapers, and ways to translate text.

Once installed, these apps, which can be found in the Google Play Store, introduce the horrific Joker malware. It has the ability to install hidden spyware and premium dialers on devices, which can then sign unsuspecting users up for expensive monthly subscriptions they never wanted – and can’t afford to pay. Victims have found themselves paying over £240 a year for these fraudulent subscriptions.

“Joker Trojans are malicious Android applications that have been known since 2017 for notoriously committing billing fraud and subscribing users to premium services,” explains Zimperium. “The result of a successful mobile infection is financial gain for the cybercriminal, often under the victim’s nose long after the money runs out, with little to no recourse for recovery.”

Joker is nothing new, but it now seems to be making a comeback despite the efforts of Google and the App Defense Alliance – a program that includes Zimperium.

Zimperium says it has seen more than 1,000 new samples of Joker since its last report on the issue in 2020. And the company warns that cyber thieves have routinely found new and unique ways to get this malware into both official and unofficial app stores.

That means it’s likely that some of these malware-laden apps will make their way to the Google Play Store, which is usually considered a safe way for Android tablet and smartphone owners to browse and install new apps. Although Google has strong safeguards, unlike some of the other app repositories available online, malware still manages to infiltrate the store.

“While they never live long in these repositories, the persistence highlights how mobile malware, like traditional endpoint malware, doesn’t disappear, but continues to be modified and advanced in a constant cat-and-mouse game,” Zimperium added.

It is vital that all Android users do some research before downloading any apps on their device because once Joker infects the phone, it can generate huge bills without the owner ever knowing.

Last month, researchers at Quick Heal Security Labs found 8 apps loaded with Joker and the company told Android users to uninstall them immediately. They also offered simple advice on how to stay away from other malware threats. This includes…

• Download applications only from trusted sources such as Google Play Store
• Learn how to identify fake applications in Google Play Store
• Do not click on alien links received through messages or other social media platforms
• Disable installation of unknown source option
• Read the pop-up messages you receive from the Android system before accepting/allowing new permissions

You have been warned!