Google has purged 24 Android apps from its Play Store because the apps were signing people up for premium SMS services and stealing contact lists and text messages.
The existence of the malicious apps was disclosed last week by the Danish security firm CSIS, which noted that the malware -- dubbed "Joker" by CSIS after one of the malware's command-and-control domains -- executed only if the victim's SIM card corresponded to one of 37 countries, including most of Western Europe and North America, plus India, China, Australia and Indonesia.
However, in most of its implementations, the malware would not run in the United States or Canada.
MORE: Huge Android Security Flaw Revealed: What to Do Now
CSIS said the 24 infected apps had been downloaded by at least 472,000 people, although the number may be much larger because Google gives only vague details about an app's popularity. To Google's credit, the apps were removed from the Play Store even before CSIS reported them to Google.
Our colleagues at TechRadar compiled a list of the infected apps, possibly by cross-checking the filenames against those in third-party app stores, as the apps are gone from Google Play.
Tom's Guide cannot confirm that these are the exact apps that were infected, but you should check anyway to see if you have any of these installed, and remove any that match.
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security - Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper
As always, you should be wary of no-name apps, install apps only from Google Play, check app permissions and install and run (good) Android antivirus software.
