Googleโs latest reports reveal that the firm has removed about 1,700 apps from its Playstore, citing theyโre infected with malware called Joker (or Bread) that are actively involved in lobbying customers with SMS billing fraud. Apps belonging to this family were all removed even before theyโre permitted into Playstore.
There are numerous apps being submitted to Playstore every day for listing. While most of them are legit, few as Joker/Bread are malicious enough to be reported pulled down.
Following the introduction of new Playstore policies regarding WAP billing, Joker apps have withdrawn as the policy restricts SEND_SMS permissions. Thereโs yet another development of this Joker as Toll Fraud, which is similar to SMS frauds that trick users in subscribing to various unwanted subscriptions.
They follow heavy obfuscation in their codes to avoid detection by Playstore and mobile carriers. While this method helped for a while, newly changed policies taken them off. While users are saved by Playstore a bit, theyโre still vulnerable trusting these apps for their tempting services. Most of these fraud apps resemble the popular ones in Playstore, letting users believe theyโre worth and trustable.
Remember Google warning you as โThis app can allow unauthorized access to your data or deviceโ whenever youโre installing an app from unknown sources? Thatโs because the Play Protect has detected a backdoor of that app that may steal and send your data. Google, considering them as PHAs (Potentially Harmful Applications) has taken about 1,700 apps of such.
Google reports Evey year of how many apps that have banned or delisted from its store due to doubting reasons, and itโs been increasing every year. Though the user fails to notice such hidden agreements, Google detects them and notifies user before installing it. And when the user still opts for installing it, thatโs when he/she fails.
