- The Odisha police are sending a public warning about the sudden spike in ‘Joker’ malware in the region.
- This is a type of adware for Android, created to generate revenue for its distributors at the expense of the victims.
- Most of the infected apps that circulate at the moment are secondary-importance software that could have been easily avoided.
The police in Odisha, India, warns about a rise in Joker malware for Android, presenting some common trickery examples on social media channels for everyone to take note of and avoid getting scammed. Typically, the actors are sending an SMS claiming something relevant to a pre-approved personal loan awaiting the recipient's approval or that the person’s bank account has been suspended and requires the submission of KYC (know-your-customer) details to re-activate it. The official advice is not to click on the embedded links and not to respond to these messages.
Joker malware is a type of ad-clicker (adware) app for Android that hijacks the user’s ad profile ID, fetches ads, clicks on them silently, and generates money for the distributors on the data expense of the victims. In addition to this, the malware can automatically register the victim to subscription services and send the cut to the actors. As such, this is a very damaging type of malware that has massive, large-scale implications. Due to its profit potential, actors are constantly trying to get it into the Play Store in various app forms, and oftentimes, they succeed.
In countries like India, where internet access is more often a case of mobile data rather than WiFi, the charges from Joker malware can have severe repercussions. As such, people are advised to be very careful with which apps they choose to install on their devices, where they source them from, and what permissions they grant to them upon installation. Also, installing a mobile AV solution and keeping it up to date would be an excellent method to keep things under control.
The apps that Odisha Police warns about right now are the following:
- Auxiliary Message
- Fast Magic SMS
- Free CamScanner
- Super Message
- Element Scanner
- Go messages
- Travel Wallpapers
- Super SMS
Obviously, none of these are necessary for productivity or other important services, so users who got tricked and installed them suffered fraudulent charges for no good reason. If you do have any of these apps installed on your device, you should remove it immediately and then run a filesystem scan using an AV tool.
Uprooting the malware isn’t always as straightforward as deleting the app. Make sure to also check your permissions list, unsubscribe from any services you don’t recognize, and check your credit cards and bank statements for any suspicious transactions.