SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.joker (Back to overview)

Joker

aka: Bread

Joker is one of the most well-known malware families on Android devices. It manages to take advantage of Google’s official app store with the help of its trail signatures which includes updating the virus’s code, execution process, and payload-retrieval techniques. This malware is capable of stealing users’ personal information including contact details, device data, WAP services, and SMS messages.

References
2022-09-21Github (muha2xmad)Muhammad Hasan Ali
@online{ali:20220921:technical:04911e9, author = {Muhammad Hasan Ali}, title = {{Technical analysis of Hydra android malware}}, date = {2022-09-21}, organization = {Github (muha2xmad)}, url = {https://muha2xmad.github.io/malware-analysis/hydra/}, language = {English}, urldate = {2022-09-21} } Technical analysis of Hydra android malware
Hydra Joker
2022-06-30MicrosoftMicrosoft 365 Defender Research Team
@online{team:20220630:toll:af822af, author = {Microsoft 365 Defender Research Team}, title = {{Toll fraud malware: How an Android application can drain your wallet}}, date = {2022-06-30}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2022/06/30/toll-fraud-malware-how-an-android-application-can-drain-your-wallet/}, language = {English}, urldate = {2022-07-05} } Toll fraud malware: How an Android application can drain your wallet
Joker
2022-06-20Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220620:tracking:828037d, author = {Axelle Apvrille}, title = {{Tracking Android/Joker payloads with Medusa, static analysis (and patience)}}, date = {2022-06-20}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/tracking-android-joker-payloads-with-medusa-static-analysis-and-patience-672348b81ac2}, language = {English}, urldate = {2022-08-15} } Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker
2022-03-08Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220308:live:c5b7cca, author = {Axelle Apvrille}, title = {{Live reverse engineering of a trojanized medical app — Android/Joker}}, date = {2022-03-08}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/live-reverse-engineering-of-a-trojanized-medical-app-android-joker-632d114073c1}, language = {English}, urldate = {2022-08-15} } Live reverse engineering of a trojanized medical app — Android/Joker
Joker
2021-09-17K7 SecurityBaran S
@online{s:20210917:joker:837b4d4, author = {Baran S}, title = {{Joker}}, date = {2021-09-17}, organization = {K7 Security}, url = {https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/}, language = {English}, urldate = {2021-09-19} } Joker
Joker
2021-07-13zimperiumRichard Melick
@online{melick:20210713:joker:8a701fd, author = {Richard Melick}, title = {{Joker Is Still No Laughing Matter}}, date = {2021-07-13}, organization = {zimperium}, url = {https://web.archive.org/web/20210714010827/https://blog.zimperium.com/joker-is-still-no-laughing-matter/}, language = {English}, urldate = {2021-07-24} } Joker Is Still No Laughing Matter
Joker
2021-05-05K7 SecurityBaran S
@online{s:20210505:joker:8337490, author = {Baran S}, title = {{Joker}}, date = {2021-05-05}, organization = {K7 Security}, url = {https://labs.k7computing.com/?p=22199}, language = {English}, urldate = {2021-07-02} } Joker
Joker
2020-11-09Trend MicroZhengyu Dong
@online{dong:20201109:old:5454254, author = {Zhengyu Dong}, title = {{An Old Joker’s New Tricks: Using Github To Hide Its Payload}}, date = {2020-11-09}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/k/an-old-jokers-new-tricks--using-github-to-hide-its-payload.html}, language = {English}, urldate = {2020-11-19} } An Old Joker’s New Tricks: Using Github To Hide Its Payload
Joker
2020-07-09CheckpointAviran Hazum, Bogdan Melnykov, Israel Wernik
@online{hazum:20200709:new:5e06825, author = {Aviran Hazum and Bogdan Melnykov and Israel Wernik}, title = {{New Joker variant hits Google Play with an old trick}}, date = {2020-07-09}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/}, language = {English}, urldate = {2020-07-11} } New Joker variant hits Google Play with an old trick
Joker
2020-03-26BitdefenderLiviu Arsene
@online{arsene:20200326:android:946032b, author = {Liviu Arsene}, title = {{Android Apps and Malware Capitalize on Coronavirus}}, date = {2020-03-26}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2020/03/android-apps-and-malware-capitalize-on-coronavirus}, language = {English}, urldate = {2020-03-26} } Android Apps and Malware Capitalize on Coronavirus
Anubis Joker
2020-01-09GoogleAlec Guertin, Vadim Kotov
@online{guertin:20200109:pha:deb82eb, author = {Alec Guertin and Vadim Kotov}, title = {{PHA Family Highlights: Bread (and Friends)}}, date = {2020-01-09}, organization = {Google}, url = {https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html}, language = {English}, urldate = {2020-01-20} } PHA Family Highlights: Bread (and Friends)
Joker
2019-09-03Medium CSIS TechblogAleksejs Kuprins
@online{kuprins:20190903:analysis:2b5a874, author = {Aleksejs Kuprins}, title = {{Analysis of Joker — A Spy & Premium Subscription Bot on GooglePlay}}, date = {2019-09-03}, organization = {Medium CSIS Techblog}, url = {https://medium.com/csis-techblog/analysis-of-joker-a-spy-premium-subscription-bot-on-googleplay-9ad24f044451}, language = {English}, urldate = {2020-01-06} } Analysis of Joker — A Spy & Premium Subscription Bot on GooglePlay
Joker

There is no Yara-Signature yet.