'Joker' Malware Infects 24 Android Apps: Delete Them Now

A Joker cosplayer at Epic Con in St. Petersburg, Russia, in 2018.
A Joker cosplayer at Epic Con in St. Petersburg, Russia, in 2018. (Image credit: ilikeyellow/Shutterstock)

Google has purged 24 Android apps from its Play Store because the apps were signing people up for premium SMS services and stealing contact lists and text messages.

The existence of the malicious apps was disclosed last week by the Danish security firm CSIS, which noted that the malware -- dubbed "Joker" by CSIS after one of the malware's command-and-control domains -- executed only if the victim's SIM card corresponded to one of 37 countries, including most of Western Europe and North America, plus India, China, Australia and Indonesia. 

However, in most of its implementations, the malware would not run in the United States or Canada.

MORE: Huge Android Security Flaw Revealed: What to Do Now

CSIS said the 24 infected apps had been downloaded by at least 472,000 people, although the number may be much larger because Google gives only vague details about an app's popularity. To Google's credit, the apps were removed from the Play Store even before CSIS reported them to Google.

Our colleagues at TechRadar compiled a list of the infected apps, possibly by cross-checking the filenames against those in third-party app stores, as the apps are gone from Google Play. 

Tom's Guide cannot confirm that these are the exact apps that were infected, but you should check anyway to see if you have any of these installed, and remove any that match.

  • Advocate Wallpaper
  • Age Face
  • Altar Message
  • Antivirus Security - Security Scan
  • Beach Camera
  • Board picture editing
  • Certain Wallpaper
  • Climate SMS
  • Collate Face Scanner
  • Cute Camera
  • Dazzle Wallpaper
  • Declare Message
  • Display Camera
  • Great VPN
  • Humour Camera
  • Ignite Clean
  • Leaf Face Scanner
  • Mini Camera
  • Print Plant scan
  • Rapid Face Scanner
  • Reward Clean
  • Ruddy SMS
  • Soby Camera 
  • Spark Wallpaper

As always, you should be wary of no-name apps, install apps only from Google Play, check app permissions and install and run (good) Android antivirus software.

TOPICS
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.