Recently, analysts from the Russian anti-virus maker Dr.Web found ten Android apps from three developers that were infected with Joker, a type of Android Malware that signs up users for premium phone services, The Record reports. These apps, which posed as legitimate applications like cameras or coloring programs, are the first reported malware by Dr.Web on Huawei’s app store. Huawei has removed the apps from the app store, but not from the infected devices.
These were all examples of malware on an official app store. While it is generally recommended to avoid installing mobile apps from links in email, text messages or any other non-official source, mobile device users must also be wary of new apps on official app stores. Usually, these malicious apps are reported and taken down eventually, but they can still cause trouble for any mobile device user who installed the app before it was removed. Binary Defense recommends deploying a EDR system like Microsoft Defender for Endpoint for Android, as this will better help detect malicious/unwanted apps downloaded from any source, whether they come from official stores or elsewhere.