More than 5 lakh Huawei users’ devices are infected by Joker Malware after they downloaded infected apps from the company’s official App Store. The security firm Dr. Web discovered ten apps were infected with the malicious code in the AppGallery(App store of Huawei).
Half a Million Huawei Users Infected with Joker Malware
The security firm revealed that the security issues regularly come with new versions and modifications of malware. Earlier it was discovered in 2019.
Doctor Web, said,
“In total, our specialists discovered that 10 modifications of these trojans have found their way onto AppGallery, with more than 538,000 users having installed them”.
Joker malware is a malicious code hidden as a system app. It allows the hackers to do anything on the device like it can disable the Google Play Protect service, install malicious apps, show ads, create fake reviews, and more. It can also steal SMS messages, contact lists, sign-up details, device information, and other personal data.
All the malicious apps work as the original one, however, the security researchers said that they stayed below the radar without being detected by the user. The malware was available in virtual keyboards, a camera app, a launcher, sticker collection, a game, and more. Dr. Web says, eight of these infected apps were published by “Shanxi kuailaipai network technology co., ltd” and the other two apps were published by developer “何斌”.
Below is the list of infected apps on Huawei AppGallery:
- Super Keyboard
- Happy Colour
- Fun Color
- New 2021 Keyboard
- Camera MX – Photo Video Camera
- BeautyPlus Camera
- Color RollingIcon
- Funney Meme Emoji
- Happy Tapping
- All-in-One Messenger
Once the Huawei user download any of these apps, the malware is executed and it connects to the C&C server. With this, it receives all the important configurations and downloads and launches any additional components. This component is subscribed to the Android device automatically. Then the app asks for accessing notifications to intercept incoming SMS for premium services with the confirmation codes.
However, Dr. Web reported the issue to Huawei, which then removed the apps from AppGallery. But if you have installed any of the malicious apps then you need to remove it manually from your device. You can check out the full list of apps with all the details here.
Joker malware also infected 24 apps on the Official Play Store in 2019, however, Google removed those apps.