Urgent Android warning over apps infested with Joker malware – the Google Play downloads you should delete immediately

ANDROID users are being warned about a number of applications that are reportedly infested with the Joker malware.

The urgent warnings come from cybersecurity experts who have identified a list of apps from the Google Play store that should be deleted immediately.

SOPA Images/LightRocket via Gett

Cybersecurity experts have identified four new applications in the Google Play store that they say are infested with malware[/caption]

Getty

The experts say Android users should delete the identified applications immediately to avoid further seeing their devices further infected with the costly malware[/caption]

Cybersecurity firm Pradeo says it has found the Joker malware embedded in four “malicious applications” that can be found in the Google Play store.

The Android apps are used as a conduit to spread the malicious software.

According to Pradeo, Joker is a type of “fleeceware” that is designed to be discreet.

“Its main activity is to subscribe to unwanted paid services or send SMS / make calls to premium numbers, unbeknownst to users,” Pradeo’s cybersecurity experts wrote in a recent blog post.

“Joker generates a very discreet footprint that can be tricky to detect,” it added.

The malware has reportedly been detected in thousands of applications over the last three years. 

The latest applications riddled with Joker malware that were uncovered by Pradeo include messaging and health apps.

Pradeo identified the four dangerous apps as: Smart SMS messages, Blood Pressure Monitor, Voice Languages Translator, and Quick Text SMS. 

“Users are advised to immediately delete these applications from their smartphones and tablets to avoid fraudulent activities,” the company said.

The malware infested applications appear to use slightly different mechanisms to infect devices.

The Smart SMS Messages and Blood Pressure Monitor apps surveil incoming text messages and take “silent screenshots” of one-time passwords sent to the phone.

This allows the applications to bypass two-factor authentication protocols and carry out fraudulent activity using in-app purchases.

Alarmingly, it could take weeks for the victim to detect the fraud.

“Victims only notice the fraud when receiving their mobile phone invoice, potentially weeks after it started,” the cybersecurity experts said.

Additionally, the applications can also be used to install even more malware and infected applications to the device.

With Joker continuing to pose a threat to mobile device users, Pradeo said there are things people can be on the lookout for. 

According to the company, the applications often have very brief privacy policies and are never linked to a company or website.