Google takes pride in the security of apps it distributes through the Play Store.
Despite its efforts, cybersecurity researchers regularly uncover malicious, malware-laced apps masquerading as harmless download-worthy ones on the platform.
One of the more persistent threats has been the Joker malware, a spyware Trojan that allows bad actors to exploit victims and install more dangerous malware on compromised devices.
Now that malware's back once again, having been spotted in Play Store apps with over 100,000 combined installs.
The team informed Google and these apps have since been axed from the Play Store, but with over 100,000 installs between them, a lot of users could already be in trouble.
If you downloaded one, we strongly suggest you uninstall right away — these apps could serve as a backdoor for hackers to infect your Android device with other kinds of malware.
Google's app store is no stranger to the infamous Joker malware. First spotted piggybacking on Android apps in 2017, the Trojan is designed to remain undetected when you download and install an app — something its small code footprint makes that much easier.
Security researchers found Joker malware infecting eight Play Store apps in June 2021 and 16 others in August (per Android Headlines).
In October 2021, this malware leveraged the popularity of Netflix’s hit show Squid Game to infect an app distributing Squid Game-themed wallpapers, as spotted by ESET's Lukas Stefanko — the app accrued over 5,000 downloads before it was taken down.
Joker malware reared its ugly head on the Play Store again in November, infecting seven apps, one of which had 50,000+ installs.
In December, this persistent piece of internet junk proceeded to hijack an app with over 500,000 downloads at the time of its removal.
A Google report from January 2020 claims that over 1,700 apps were delisted from the Play Store because they were infected with the Joker virus.