Joker Malware Disguised As Smart TV Remote App Targets Android Users

An Android malware campaign emerged on the Play Store with the malware midden within a Smart TV Remote app. The malicious app even garnered a few downloads before it was discovered. Eventually, Google removed the app after numerous reports. users with the app running on their devices must delete it immediately.

Malware Mimicking Smart TV Remote App

Recently, Kaspersky security researcher, Tatyana Shishkova, highlighted two malicious apps on Google Play Store. The apps actually embedded the infamous Joker malware that mimicked a Smart TV Remote app and a Halloween-themed app. While the latter didn’t attract significant installs, the Smart TV Remote app shows 1000+ downloads.

These two are not the only appearances of Joker malware. Shishkova also highlighted a few more apps later hiding Joker.

While all these apps have very few installs, it seems Joker malware is actively flooding Play Store these days.

According to the analysis shared by Bleeping Computer, the apps’ APKs included obfuscated payload files. These ‘XOR-encrypted’ files currently evade anti-malware detection. In addition, some users have also confirmed that the apps escape VirusTotal detection for now.

Google Removed The App From The Play Store

Following these reports, Google quickly removed most of the highlighted apps from the Play Store. Bleeping Computer has also confirmed the same.

However, one lately reported app, “Volume booster Hearing Aid,” still exists on the Play Store while writing this article. It currently shows 10+ installs only, with the latest version being 0.1.4.

While no one can pre-detect malware when applying such evasive strategies, users can still protect themselves by staying vigilant on what they download.

As a rule of thumb, users must refrain from downloading apps from third-party app stores. Whereas, when downloading apps from official stores like Google Play Store, users must stick to legit developers only. Quickly verifying the app developers and checking customer reviews can help in avoiding such issues.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients