Google removed 1.700 infected apps from its Play Store. The decision came after the company discovered the apps were carrying the Joker (or Bread) malware. This malware is involved in lobbying customers with SMS billing fraud. All these apps were all removed, even before they were permitted into Play Store.
Following the introduction of new Play Store policies regarding the Wireless Application Protocol (WAP), Joker apps have withdrawn because the policy restricts SEND_SMS permissions. Still, there is yet another development of this Joker as Toll Fraud. This is similar to SMS frauds that trick users in subscribing to various unwanted subscriptions.
Their codes follow heavy obfuscation in order to avoid detection by Play Store and mobile companies. And this method helped for a while. But the newly changed policies took them off. Although Play Store saves the users somehow, they are still vulnerable trusting these apps for the tempting services they offer. Most of these apps try to look like the popular ones in Play Store. Thus, users believe that they are worth and trustable.
Google’s warnings
This is the reason for which Google warns you that “This app can allow unauthorized access to your data or device” whenever you’re installing an app from unknown sources. This happens because the Play Protect has detected a backdoor of that app. Thus, it may steal and send your data to third parties. As Google considers these as PHAs (Potentially Harmful Applications), it decided to take off about 1.700 infected apps.
Every year, Google reports how many apps it has banned or delisted from its store due to doubting reasons. This number it’s been increasing every year. But users oftelny fail to notice such hidden agreements. That’s why Google detects them and notifies users before installing them. And when the users still opt for installing these software, it is the moment they fail. Also, last July, Google announced to pay more money to users who reveal vulnerabilities in-chrome OS and play store apps.
