The malware Joker was yet again caught making rounds on Playstore - Cybersecurity firm Pradeo identified at least six applications on the Playstore infected with Joker and now are banned from the same.
In July, Google had banned 11 apps containing the same malware.
Joker also is known as Bread has been characterized as a fleeceware. These apps' sole purpose is to charge huge subscriptions and other fees to clients for the features and services they could avail for free. These apps though tricks the user they however neither steal your data nor do they run any malicious code hence fundamentally they are not malwares. Simply termed fleecewear are malicious apps hiding in "sheep's clothing". Joker malware prompts the user into paying for certain featured via SMS and has little malicious coding and is very hidden to be detected by Playstore security checks.
The six Joker containing apps are-
Safety AppLock,
Convenient Scanner 2,
Push Message- Texting & SMS,
Emoji Wallpaper,
Separate Doc Scanner
and Fingertip GameBox.
Since these apps do not contain malicious code it's hard for security to detect them, “Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere,” Google wrote.
But Google is tightening the leash for apps notorious such as these. It announced earlier this year that developers will be required to make details of subscriptions, free trials, and introductory offers more precise and clear. "Part of improving the subscription user experience comes from fostering a trustworthy platform for subscribers; making sure they feel fully informed when they purchase in-app subscriptions," Angela Ying, Google product manager wrote in a blog.