The Joker Trojan has recently targeted Android devices to steal SMS messages, contact lists, and device information. The cybersecurity researchers at CSIS has affirmed that the Joker is one of the new kind of malware that is mainly targeting and putting Android devices in danger.
This spyware is intended to steal SMS messages, contact lists, and device information. Not only this, but it also signs up silently in the victim account for premium wireless application protocol (WAP) services.
Possible plots
All the possible plots are divided into 3 range, that are Direct download, One-stage download, and Two-stage download.
Direct download
In this case, the final payload is being delivered via a direct URL that is received from the command and control (C&C) server. In this scenario, the infected Google Play store app has the C&C address stored in the code itself with chain obfuscation. After…