The malware operators always keep finding new ways to target and spy on victims. Joker, one of the most prominent malware families active right now, has been targeting Android users for quite some time. Recently, the malware was observed using Github to hide its payload.
A new variant of the Joker malware has been discovered on Google Play, which uses Github pages and repositories to evade detection. This particular version was observed to be targeting mobile operator users in Thailand.
The app laden with Joker promised wallpapers in HD or 4K quality. This app was downloaded over a thousand times.
The app injects malicious code into a new location, instead of application class or launcher activity.
The victims may be unaware of any compromise initially because the malware has a functioning app.After infection, the malware subscribes users to a WAP service without their consent.
To counter attackers’ new approach, experts suggest having an updated anti-malware application on a smartphone, paying closer attention to what the apps are actually doing, and always using official sources to download apps.