Tuesday, April 16, 2024

Infected more than half a million devices – delete this app ASAP


2 min read

One application, from the Google Play store, secretly sent user contacts to a Russian server and then registered users for expensive subscriber services.

The application has already been downloaded more than half a million times. If you are among those 500,000 users who have downloaded the application, it is best to delete it immediately.

The name of the app is Color Messages and fortunately, Google withdrew it from its app store. Allegedly, the application improves the exchange of text messages by adding emojis and blocking unwanted texts, but cyber security researchers at Pradeo Security pointed out that the program does much more than that.




Color Message carries with it a family of malware, called the Joker. In the past, millions of Android devices have been the prey of the Joker and its variants. The Joker is considered a “fleeceware” form of malware, as it primarily works on simulating clicks and then intercepting SMS messages. That way, it can subscribe you to premium services you don’t want or haven’t even heard of.

The Joker has entered hundreds of applications, despite Google’s efforts to detect malware and remove infected applications. Part of the problem is that the Joker’s trail is extremely small and developers use a number of techniques to hide it.

Another thing to note is that Color Message is also known to hide its icon when the malware starts. You may need to go to Settings or Play Store to remove it.

In addition, users are advised to pay attention to where they download applications. It is recommended to stick to the applications of well-known companies and download them from official application stores only when they provide an obvious advantage over standard applications that are pre-installed on the devices.






Dudescode.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com