Google removed 1,700 ‘Joker’ apps with malware from Play Store | Tech News

Google removed 1,700 ‘Joker’ apps with malware from Play Store

Google Play Store was plagued with these ‘Bread’ apps aka Joker which used multiple variants to get people to download them.

By: HT CORRESPONDENT
| Updated on: Aug 20 2022, 18:50 IST
FILE PHOTO: An illuminated Google logo is seen inside an office building in Zurich, Switzerland December 5, 2018. REUTERS/Arnd Wiegmann
FILE PHOTO: An illuminated Google logo is seen inside an office building in Zurich, Switzerland December 5, 2018. REUTERS/Arnd Wiegmann (REUTERS)

Google said it has detected and removed 1,700 malicious apps from the Play Store. These apps fall into a unique category called 'Bread' which is also known as 'Joker'. Google has been tracking these apps since 2017.

The latest report from Google highlights that these Bread apps were removed from the Play Store even before users could download it. But these apps still made its way through Google Play Store. Bread apps which have been around for quite some time now initially targeted users through SMS fraud. But attackers moved on to WAP billing method after Play Store's new policies against SMS frauds were rolled out.

You may be interested in

MobilesTablets Laptops
25% OFF
Google Pixel 128GB
  • Black
  • 4 GB RAM
  • 128 GB Storage
37% OFF
Google Pixel 7 Pro 5G
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
7% OFF
Google Pixel 7A
  • Charcoal
  • 8 GB RAM
  • 128 GB Storage
7% OFF
Google Pixel 7 5G
  • Obsidian
  • 8 GB RAM
  • 128 GB Storage

"As the Play Store has introduced new policies and Google Play Protect has scaled defenses, Bread apps were forced to continually iterate to search for gaps. They have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected. Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere," Alec Guertin and Vadim Kotov explain in the blog post.

Also read
Looking for a smartphone? To check mobile finder click here.

The blog post further explains how these apps evolved from the older billing method to the new one but both took advantage of the user's carrier. SMS billing is a process where carriers partner with vendors to pay for services via SMS. Toll bill requires users to visit the URL to complete the payment.

"Malware authors use injected clicks, custom HTML parsers and SMS receivers to automate the billing process without requiring any interaction from the user," the blog post reads.

Bread apps have also different variants like displaying pop-up messages and posting fake reviews of newly published apps. Some apps even managed to bypass the Play Store's security by first releasing the clean version and offloading the malware later. Bread app developers have been discovered to use different variants and approaches and targeting different carriers. The attackers have also depended on sheer volume as their main tactic.

Activity has been varied though with up to 23 different Bread apps uploaded on Play Store on the same day. In some cases, there have been gaps of a week or more before the next move is made.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 11 Jan, 15:03 IST
Tags:
NEXT ARTICLE BEGINS