Google Play app Color Message—which is said to have had over 500,000 downloads—has been removed from the Play Store after being linked to Joker malware.
Researchers from mobile security company Pradeo have discovered malware buried in the Color Message app on the Google Play store. More specifically, it’s hiding Joker malware, which Pradeo says is extremely difficult to detect, thanks to leaving a small digital footprint. It can also be tricky to remove as it’s able to hide its icon once it’s been installed. According to Pradeo, Joker malware has been discovered in hundreds of apps over the past two years.
In Pradeo’s words, the Joker malware is a form of fleeceware, which can access users’ contact lists and send them out to other parties over the network. It also will quietly sign users up for paid services without their knowledge by intercepting SMS (Short Message Service) and simulating clicks.
The malware app uses a minimal amount of code to hide itself, making it tough to find once it’s in place.
Pradeo points out that Color Message’s terms and conditions did not explain the level of access the app would have or how much control it would be allowed. The brief description was also hosted on a single, unbranded blog page.
Color Message has since been removed from the Google Play store, but it’s recommended that you exercise caution when downloading any apps from unfamiliar developers.
Pradeo also highly recommends deleting the Color Message app immediately if you have it installed on your Android device.