Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store

A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users’ contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge.
The latest Joker malware was found in a messaging-focused app named Color Message (“com.guo.smscolor.amessage”),