Friday, September 13, 2019

The joker malaware

Another day, another Android malware – This time; The Joker malware is here not to creep you out but steal from you.

While “The Joker” might be your favorite villain fighting the dark knight, a new malware that goes by the name of it may not entertain you.
It has been recently discovered by researcher Aleksejs Kuprins, that The Joker malware infected 24 apps on the Google Play Storewhich had over 472,000 installations.
After successfully being deployed, the malware tricks and scams users by signing them up for premium subscription services all without their knowledge. It does so by using the background component and stealthily clicking on advertisements and other processes intended to reach its final goal.
Finally, since an authorization code would be required usually for confirming payments, it accesses the user’s SMS messages and copies any code needed.
However unlike most malwares, it only targets users in specific countries. This is evident as the apps infected contain mobile country codes from which the sim should belong to for it to receive the payload.
For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription, wrote Kuprins in his blog"

3 comments:

  1. I am highly obliged by the writer; the piece that has been shared here is really very informative and very much useful. What procedure should be followed for activating AVG internet security unlimited?

    ReplyDelete
  2. I must admit that the writer is very well skilled, and also has enough experience all of it can be observed and understood well looking at the content of this blog. What should I do if My Yahoo Mail Account Password has stolen?

    ReplyDelete

FARDC and Wazalendo claim that many M23 have been neutralized and several villages liberated .

This Saturday 21/12/24 the village of KANYAMBI, a major stronghold of the M23_RDF in the Lubero territory was retaken by the Congolese army ...