The Joker Malware: Aladdin once found a magic lamp, through it came out the genie who granted him three wishes. With time, the magic lamp evolved into our mobile phones and the genie took the form of the internet. Poor Aladdin was bound by only three wishes, and look now what the genie (read internet) offers us.
With the advancement of civilization, human beings are becoming more and more dependent on technology. With the internet crisscrossing the planet, communication has become smooth like butter. Thanks to Robert Kahn and Vint Cerf for blessing the Blue Planet with our genie, the internet.
Money transactions, booking tickets, online shopping, gaming, socializing, research, mobile banking and what not? Just name it, and the genie shall provide it to you at your fingertips.
But, this technology-driven 21st-century human civilization has become more vulnerable to cyber threats.
What is Joker malware?
Joker is a Trojan virus. This malware creeps into the user’s electronic device through an app, and access all the security information. It collects all the data through messaging apps, call logs, and subscribes the users to premium subscriptions without the user’s consent.
The Trojan will silently interact with advertisement websites without the knowledge of the users. It performs banking transactions and the user should not be surprised if one day the bank balance becomes magically zero.
Joker Trojan malware has been spotted in the Google Play store for the last few years. Quick Heal Security Labs has recently released a report where they have mentioned eight applications infected with Joker. The tech giant has immediately removed those mentioned applications from Google Play Store.
Here are the eight applications that have been infected by the malware:
- Auxiliary Message
- Free CamScanner
- Go Messages
- Super SMS
- Fast Magic SMS
- Element Scanner
- Travel Wallpapers
- Super Messages
According to the report provided by Quick Heal, the malware when first launched on the device, it asks for notification access (pretty much like other applications). In the second step, the application requests permission for SMS notification through which it accesses the SMS data, and then asks for Contacts access.
When access is provided, the application makes and manages phone call permission. After this final step, the malware continues to work silently without showing any doubtful activity to the user.
What is a Malware? What does it do?
The collective name for a number of Malicious Software, including spyware, viruses, ransomware among others, is Malware. It typically consists of a code that is developed by cyber attackers. It can be delivered to the users in form of a link or a file through email, messages or through applications. With a slight click on the link, the malware gets access to the user’s system.
Malware has been a serious threat to individuals and organizations since the first virus-the Creeper virus- made its presence in the 1970s. The world has seen continuous cyber threats by thousands of malware variants, causing as much disruption and damage as possible.
Cybercriminals use malware to demand ransom, threaten users by blackmailing them with personal information, and sometimes they steal sensitive data from the user’s device and use them with ill-intentions.
So, next time before you click on a link, think twice. This simple click may cost heavy on your bank accounts!
Cyber-attacks in India
With the nation rapidly adopting to digital services, a surge in cyber-attacks has been noticed. According to government data, approximately 1.16 million cases of cyber-attack has been reported in 2020, which is alarmingly 3 times more than the previous year and almost 16 times more than 2016.
According to Indian Computer Emergency Response Team (CERT-In), 3,94,500 and 11,58,209 cybersecurity threats has been identified in 2019 and 2020 respectively. With extreme lockdown restrictions in 2020, dependence on digital services have increased and so have the cyber threats.
Cyber-attacks not only pose a threat to the security of the nation but also causes huge financial losses to the economy. Our sweet neighbour China, have not left a single opportunity to invade India’s cyber-space. Red Echo, a Chinese state-sponsored cyber-attacking team is reportedly responsible for a number of cyber threats in India. Recently, in 2020, Mumbai faced a serious cyber-attack by Red Echo. India’s financial capital had malware inserted (obviously by China) that flowed through the electricity grid and caused a massive power interruption. This attack was to show India a fraction of what China is capable of doing.
Another hacker group named Stone Panda, recently made its way to the headlines, when they made an attempt to enter Serum Institute of India’s (SII) cyber space and tried to remove Bharat Biotech’s Intellectual Property Right (IPR).
The United States-based cyber security company, Recorded Future, in their report has mentioned that India is likely to face increased cyber-attacks in the year 2021. It also mentioned that organizations and industries are the most vulnerable to such cyber-attacks by hackers like Red Echo.
Cyber security in India
India has ranked 23rd out of 165 countries on the UN Global Cybersecurity Index 2020. This might look like a huge achievement for the country, but in reality, India has been susceptible to numerous cyber threats in recent times.
Lacunas in the cyber security framework of India has been pointed out by experts over the years. The government of India is trying to fill those gaps and build a more concrete cyber security structure for the nation and by formulating more stringent laws for cyber security offenders.
The National Cyber Security Policy of 2013 was adopted to construct a more secure and strong cyberspace for the nation’s people. The policy aims to protect information and the information infrastructure in cyberspace, it has built capabilities to respond to cyber threats and to minimize the damages caused by cyber incidents.
The National Technical Research Organization has been designed to protect national critical infrastructure and to tackle all incidents related to cyber-security within every sector in India.
Indian Computer Emergency Response Team (CERT-In) has the responsibility to analyze data and forecast possible future cyber-attacks and breaches. It also has the responsibility to alert the concerned authority of any suspected cyber threat.
In today’s world, cyber space is easily accessible and has a presence beyond geopolitical limitations. Consequently, it has proved to become a global battlefield for various states and non-state organizations.
With India’s target to be among the top 10 countries on the UN Global Cybersecurity Index, the nation has to work more on developing a solid framework to address cyber threats. For the fifth-largest economy to be recognized as a global power, cyber-security concerns must be addressed with full perfection. A cyberwar is the last thing the world needs, but our nation must be fully geared for such an unpredictable situation. China has showcased its power by attacking India’s cyberspace a number of times. It is high time for India to focus and strengthen its cyber capabilities for offensive as well as defensive operations.