topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • February 19, 2020, 10:43 AM
  • Proudly celebrating 14 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Google Removed Over 1.7K Joker Malware Infected Apps from Play Store  (Read 428 times)

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 10,350
    • View Profile
    • Donate to Member
Joker.jpg

Google Removed Over 1.7K Joker Malware Infected Apps from Play Store

Roughly 1,700 applications infected with the Joker Android malware (also known as Bread) have been detected and removed by Google's Play Protect from the Play Store since the company started tracking it in early 2017.

At least one series of such malicious apps did manage to get into the Play Store as discovered by CSIS Security Group security researchers who found 24 apps with over 472,000 downloads in total during September 2019.

"Sheer volume appears to be the preferred approach for Bread developers," says Google. "At different times, we have seen three or more active variants using different approaches or targeting different carriers. [..] At peak times of activity, we have seen up to 23 different apps from this family submitted to Play in one day."

More at Bleeping Computer.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 39,906
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Google Removed Over 1.7K Joker Malware Infected Apps from Play Store
« Reply #1 on: January 11, 2020, 08:31 AM »
Yikes.

nickodemos

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 89
    • View Profile
    • Donate to Member
Re: Google Removed Over 1.7K Joker Malware Infected Apps from Play Store
« Reply #2 on: January 11, 2020, 11:32 AM »
I have been thinking about this for some time about security issues with regard to a system like this.

Would it be possible to group source checking the security of these apps in a wiki tiered system?

Tier 01: Common Joe reports no issue
Tier 02: Trusted common Joe reports no issue
Tier 03: Trusted newbie Joey in security field reports no issue
Tier 04: Trusted experienced Joe in security field reports no issue
Tier 05: Company security Joseph reports no issue

Tier 2-4 would gain percentage discounts on companies apps. Declare certain amount of apps in given time frame to remain at set tier. If security issue found then you are given a bonus credit on how many needs to be found.


A good few of the members are programmers here, so I was wondering about it from your point of view.