What is Joker Malware? How it works? All in one details


Smartphone apps play a vital role in everyone’s life. From connecting with relatives to giving us a path. These apps are integrated everywhere. But what if our apps start betraying us. Is it possible that they can do so? Yes, it is possible. Sometimes they start working in a different way which is harmful for us in terms of privacy. Recently, Google has removed 11 more apps from the play store. All these apps were removed because It uses some complicated tricks which include JOKER Malware as well.

When the whole situation came into limelight, Google took immediate action on it and removed all the 11 apps from the play store. Google even came up with the list with all the names in it and requested it’s users to remove it from their phones. You can say Joker Malware is one of the worst malware which users have seen till date.

What is Joker Malware?

The Joker malware was first traced back to 2017. The researcher’s team found that such an app looks like a legitimate Android application which is used to capture its user information. The billing malware known as Joker was made to evade Google Play Store security.


This malware is a spyware as well as premium dailer, who can access OTPs, notifications, read and send messages from your phone. This malware can even interact with user smartphone IMEI details, which in results lead them to access Sim Card information. However, they can even subscribe to their users to some premium features without the user’s consent. Google has even described these threats as the most persistent one from which they are dealing from the last few years.

What is the Android Manifest file?

Every legitimate android application use to have Android Manifest file in its root directory. This file used to carry all the essential information about the app such as the name, icon, and permission to the Android system which every app must have before the system runs the app.

How Joker Malware works?

It works in three steps

  1. Building payload first: In this step, the Joker malware builds it’s payload beforehand inserting it into the Android Manifest file.
  2. Skipping the loading of payload: In this step, the Joker malware doesn’t even try to load the malicious payload during the evaluation time. Therefore, this makes the app legitimate and a lot easier to bypass Google Play Store protection.
  3. Spread Malware: Once the evaluation period is completed, and approved, the malware starts spreading.

List of 11 removed Apps

Joker Malware is not a new thing, however, this time it is spreading at a very high rate. Therefore, Google has already removed soo many apps affected by the Joker malware. This time once again Google has removed 11 Apps and asked the users to remove it from there devices as well. The name of all the 11 Apps are

  • com.imagecompress.android
  • com.relax.relaxation.androidsms
  • com.cherry.message.sendsms
  • com.cherry.message.sendsms
  • com.file.recovefiles
  • com.LPlocker.lockapps
  • com.remindme.alarm
  • com.training.memorygame
  • com.contact.withme.texts
  • com.peason.lovinglovemessage
  • com.hmvoice.friendsms

Check your device and uninstall them if any of these apps are present. Although, any type of Trojan Malware is very harmful in every aspect. Due to this only Google has removed 11 Apps from the play store. You can also remove all types of battery saver and optimizer app from your device.

Also read: Top 10 apps of 2020, which you must try once


Joker Malware is very harmful in every aspect. Therefore, it’s recommended to remove the apps if any one of them is present on your device. If you liked this article please share it on different social media platforms.

Fr more technical stuffs, stay tuned with TechRatio.in.


Please enter your comment!
Please enter your name here