Beware! These four apps are fleecing you silently

Beware! These four apps are fleecing you silently

If you have any of these four apps installed on your cell phone, it is time to delete them immediately.

Gautam S. MengleUpdated: Tuesday, July 12, 2022, 03:04 AM IST
article-image
Photo: Representative Image

Mumbai: If you have the apps for Smart SMS Messages, Blood Pressure Monitor, Voice Language Translator or Quick Text SMS on your cell phone, it is better to delete them. The four apps have recently been removed from the Google PlayStore after they were found to be injecting a malware in their users’ mobile phones which has been active since 2017.

The development is all the more significant in the Indian context as, according to Google’s own report about android security in 2022, India is among the top 10 countries where ‘potentially harmful apps’ (PHAs) are consistently downloaded.

The discovery was made by security researchers at Pradeo, a private firm that provides mobile cybersecurity solutions. Earlier this month, Pradeo’s research team found that these four apps had been hijacked by the notorious Joker malware, which is classified as a ‘fleeceware’; its sole purpose is to cause monetary damage to its targets.

Joker, which has been active since at least 2017, is believed to have targeted billions of mobile phones around the globe so far. These four apps alone have been downloaded at least one lakh times since they were put up on PlayStore.

Once inside the mobile phone’s system, Joker automatically subscribes to premium services, which could be anything from news alerts to astrology updates; the only condition being that these fall under the paid services category. The user unwittingly ends up paying higher bills than he was earlier and, if undetected, this might go on for months.

As per Pradeo’s research report, “To bypass two-factor authentication protocols during in-app purchases, smart SMS messages and blood pressure monitor apps intercept one-time passwords. To do so, the first one simply reads SMS and takes silent screenshots, the second one intercepts notifications’ content. Victims only notice the fraud when receiving their mobile phone invoice, potentially weeks after it started. All of these apps are programmed to install other applications on users’ devices, acting as droppers to potentially convey even more dangerous malware.”

In other words, Joker is programmed to open up the infected device to other, more serious malware. This is significant because a host of advanced malware can then target various sections of the infected device and its user, including private data, pictures and videos and banking information.

In a comprehensive report released earlier this year, Google stated that from January 2020 to March 2022, India remained in either the first or the second place in terms of most number of downloads of PHAs from PlayStore. Further, the second highest category in most downloaded PHAs is of Toll Fraud apps, which is another term for fleeceware like Joker.

This is not the first time that apps loaded with the Joker malware have been found and taken off PlayStore.

RECENT STORIES