Beware of this new malware called the joker targeting Android smartphones. It was discovered in 24 apps in Google playstore but has since been removed.
Once installed, the software secretly signs up the victim to various premium services by silently clicking on advertisements within the app and using SMS verification codes to verify subscription payments.
The Joker secretly steals your phonebook contacts, collects all numbers in the contact list and sends them over to the C&C in an encrypted form.
The Joker has reportedly been downloaded at least half a million times through a number of malicious applications.
The Joker malware only attacks targeted countries. Most of the infected apps contain a list of Mobile Country Codes (MCC) and the victim has to be using a SIM card from one of these countries in order to receive the second stage payload.
Android smartphones has been a major targets of Trojans attack in recent times so is not surprising seeing this. Though Google has been removing apps suspected to be infected with malwares, but there is no guarantee that the ones removed are the only infected apps in Google play store.