Joker

Posted: September 9, 2019

Joker Description

Joker is an Android Trojan that uses compromised devices for generating fraudulent advertising revenue. Its attacks include data-harvesting and manipulating capabilities for SMS messaging that allow it to sign the device's users up to services automatically. Since there are no notable symptoms of this threat, users should depend on their anti-malware services for identifying and removing Joker infections.

The Joke's on Your Phone

Google's Play Store is the site of another series of threatening application attacks that, as per the norm, are capitalizing on others' hardware for monetary advantages. The application-bundled Trojan, Joker, gives its threat actors a backdoor into Android phones, not for spying or delivering other threats, but for making money. It does this through a combination of simulating advertising traffic and service signups, the latter of which even may cost the victim ongoing fees.

Although there are a few, geolocation-indiscriminate versions of Joker, most builds of the Trojan use a Mobile Country Code or MCC-based filtering list. This prerequisite keeps Joker from running on unwanted devices outside of target areas, such as Asia, the Middle East and Europe. North America is, notably, an omission from the acceptable region list, although Joker's control panel is in Chinese.

After it gets system access through the victim's installing the compromised or fake application, Joker retrieves its configuration data from its server and starts listening for incoming SMS messages. Although an attacker could use this feature for collecting all SMS messaging content, Joker limits it to catching authorization codes for premium service signups currently. It also includes advertising framework integration, ad click simulation, and collecting the user's phone book contacts.

Taking Out the Punch from a Trojan's Punchline

Although Google is removing contaminated Joker applications from its Play Store actively, more variants are likely of being in development and prep for release. Malware experts also are pointing out various stealth features in Joker, which obfuscates its code and communications and leaves as few signs as possible of being on the phone. Users may identify potential danger from an application's unusually slow splash loading screen, during which, Joker's loader initializes the Trojan in the background.

Users always should avoid application downloads from third parties without any security vetting for their software. Checking reviews may, in some cases, provide additional clues for an application's reputability or safety. The presence of active anti-malware programs should help catch unsafe applications, including more than just bundles for Joker, but also banking Trojans like Hqwar and the browser-hijacking xHelper.

With at least two dozen applications facilitating Joker's campaign, users shouldn't track specific brands for avoiding it. Update your anti-malware service for your phone and let it remove Joker automatically upon its identification.

Joker makes a laughing stock out of any phone's security but does so invisibly. Anyone wishing not to be the butt of its joke should take proactive vetting of their software downloads seriously.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Joker may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Joker may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.