In order to fulfill the basic functions of our service, the user hereby agrees to allow Xiaomi to collect, process and use personal information which shall include but not be limited to written threads, pictures, comments, replies in the Mi Community, and relevant data types listed in Xiaomi's Private Policy. By selecting "Agree", you agree to Xiaomi's Private Policy and Content Policy .

Global Fans

[Other] [Mi Knowledge Hub #10] Joker Malware: What it is, What it does and How to fix it : Know More!

2019-09-15 06:36:45
4591 94

Hello Mi Fans,

Batman can’t help you with this “Joker.”A bad batch of Android apps briefly available in the Google Play store amassed hundreds of thousands of downloads — and they reportedly carry a malware code dubbed as "Joker", designed to sign you up for subscription-based services without user knowledge. This new Android malware may be the most twisted yet. Joker’s purpose, once deployed, is to sign up its victims to subscription services without their knowledge or consent. This new malware was first detected by CSIS Security Group malware analyst Aleksejs Kuprins, who has been monitoring the malicious code and penned a detailed analysis on Joker.

Though the apps have been removed from the Play Store, those who still have these on their devices are recommended to delete as soon as possible. But what is Joker malware, how many apps has it affected and in which countries? We take a look at everything to know about Joker malware:

  • What is Joker malware and what does it do?

Joker Trojan steals money from a user’s account by signing them up for premium subscriptions. It starts by silently simulating interaction with an advertisement without the user knowing and then even steals the victim’s SMS messages, which might contain OTP to authenticate payments. Once it infects a phone or tablet through one of the host apps, it steals the device's contact list and SMS text messages – scary stuff, but fairly commonplace in the murky world of malware.

It doesn't stop there, though. What makes the Joker a particularly deranged piece of malware is that it also manages to simulate interactions with websites, with the end result of signing up to a paid service – with the victim left to foot the bill. So essentially, a user might not even know that they have been signed up for a subscription service and the money is being deducted from their account unless maybe they check their credit card statements, etc regularly.

“This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription,” reprt says

  • Joker malware: Which apps are affected and in which countries?

In total, the 24 affected Android apps have racked up over 472,000 total downloads on the Google Play Store – a sizeable enough number that it's definitely worth Android users double-checking their credit card statement to ensure the Joker isn't laughing at their expense. The list includes:

• Advocate Wallpaper

• Age Face

• Altar Message

• Antivirus Security- Security Scan

• Beach Camera

• Board Picture Editing

• Certain Wallpaper

• Climate SMS

• Collate Face Scanner

• Cute Camera

• Dazzle Wallpaper

• Declare Wallpaper

• Display Camera

• Great VPN

• Humour Camera

• Ignite Clean

• Leaf Face Scanner

• Mini Camera

• Print Plant Scan

• Rapid Face Scanner

• Reward Clean

• Ruddy SMS

• Soby Camera

• Spark Wallpaper

The Joker malware has targeted a total of 37 countries with a majority in Asia and the EU. In addition to India, the list includes Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and United States.

  • Joker malware: How to fix it?

Whilst there are no big names in the list, nearly half a million downloads suggests that a fair few people have been hit by the Joker malware. If any of the apps above sound familiar, you'll want to trawl through your bank and credit card statements looking for suspicious charges. There is a good chance that the services the malware has signed up a user for will not appear in their Play Store subscriptions. So, to find that out, one will need to carefully sift through their bank account, credit card statement. The Joker malware is understood to have started its reign of auto-subscription terror in June, so that's the date to start from.

If you're particularly alarmed or have discovered you've already fallen victim to the attack, you may also want to consider how you store your credit card information on your phone or tablet. While the Joker is one of the more sophisticated malware viruses we've seen, it will only have been able to extract a payment from you if you had your details fully stored on your device. Lastly, attacks like the Joker highlight the value of investing in a quality mobile security solution.

  • Joker malware steals contact list so inform friends, maybe?

The CSIS Security Group blog post has revealed that Joker malware can also potentially steal a user’s device information as well as contact list so it is recommended that those infected call their friends to let them know about the Trojan.

“The final important thing worth mentioning about the Joker is the phone book contact list theft. The core component collects all numbers in the contact list and sends them over to the C&C in an encrypted form,” the post added.

According to the report, the current iteration of Joker malware campaign appears to go back as far as June of this year. Kuprins notes that Google removed the apps before his security firm reached out to the company, so it appears that the tech giant has been monitoring the situation as well.

Malware has long been a problem plaguing Android devices. Facebook has even gone so far as to file a lawsuit last month against one developer, whose malware-ridden Android app engaged in click fraud on the social media company’s ad network. While other recent Android-targeted malware campaigns have had broader reach, such as “Agent Smith,” which has infected 25 million devices, Joker’s automated subscription attack certainly makes it among the more interesting.

Have You Ever Been a Victim to Malware Attacks?

Are You Using any Antivirus on Your Phone?

Source: 1, 2


Number of participants 8 Experience +121 Pack Reason

View Rating Log

2019-09-15 06:36:45
Favorites38 RateRate

News Reporter

ᎮᏒᎥᏁፈᏋ | from Redmi Note 4X


well Explained Thank you for sharing
2019-09-15 08:24:53
Tech Explorer

Master Bunny

ganesha poerba | from Redmi Note 7


thanks for sharing....
2019-09-15 08:32:03

Pro Bunny

Swapnilbd | from Redmi 5 Plus


thanks for sharing
2019-09-15 09:53:44

Grand Master Bunny

Seragios | from Redmi 5


Thanks for sharing
2019-09-15 09:58:12

Pro Bunny

1804614950 | from app


thanks for info
2019-09-15 10:14:37


BeingBishal | from MI 9 SE


Informative Thtead!
2019-09-15 11:27:31

Pro Bunny

jihad.ptk1 | from Redmi Note 7 Pro


thanks for sharing the details
2019-09-15 11:34:44

Master Bunny

Focaccero | from Redmi Note 4


Thank you for sharing the facts with us!
2019-09-15 11:35:03
Thanks for information.
2019-09-15 11:59:24

Pro Bunny

mikica | from app


thanks for sharing
2019-09-15 12:17:44
please sign in to reply.
Sign In Sign Up


Süper moderatör

  • Followers


  • Threads


  • Replies


  • Points


3 Days Check-In
7 Days Check-In
21 Days Check-In
40 Days Check-In
Mi Explorers
9th Birthday of Xiaomi
Mi Bunny Winner
বাংলা নববর্ষ
9th Brithday
Suited and Booted
10k Mi Fans
Redmi Note 7
Cast Away
30K Members
Redmi Note 7 Into Space
Mi Love U & I
Bunny Winner
20K Mi Fans
Mi 9 & Mi 9 SE
70K Fans
Mother's Day
Día de las Madres
Best Mi
Happy Mother's Day
Android Q
50K Mi Fans
Mobile Photography Lover
40K Registered Users
Eid Mubarak
Eid ul-Fitr Mubarak
Brain Teaser
Perfil Personalizado
80K Mi Fans
200k Member
Best Writer
15K UK
Nuevo Logotipo Xiaomi
100K Mi Fans
Selfie Day
50K Users
Piñata Xiaomi
Three's A Party
Happy July
Mi 9T
Global Fans
My Country My Pride
Mi 9 SE
60K Registered Users
Check in
Profile Medal
MIUI 9th Birthday
Global Community
Mi A3
90k Mi Fans en México
100 Mil Mi Fans
wallpaper votes
Redmi 7A
better together slogan
Global Community
device poll
better together with friends
games discuss
Puzzle Master
Mid-Autumn Festival
90K Registered Users

Read moreGet new
Copyright©2016-2019, All Rights Reserved
Content Policy
Quick Reply To Top Return to the list