scorecardresearch
Squid Game app on Google Play Store found with Joker malware, downloaded over 5,000 times

Squid Game app on Google Play Store found with Joker malware, downloaded over 5,000 times

A new app based around Netflix's popular series Squid Game has been discovered on Google Play Store that downloaded malware onto the Android smartphones that it was installed on. Scarily enough, it was not the only app of its kind and here is what smartphone users should take care of to avoid downloading such malicious apps.

Story highlights
  • An Android app named Squid Game Wallpaper was found to install malware onto target computers.
  • The app was downloaded more than 5,000 times from the Google Play Store.
  • The app has been removed from the Play Store since discovery.

Squid Game is all the rage these days, with the Korean show having quickly become Netflix's biggest launch to date. The hype, however, is being taken advantage of by online threat actors who are apparently spreading malware onto target computers by luring victim by the name of the Netflix series.

The malicious activity has been spotted on the Google Play Store, hidden in an app that masquerades as a wallpaper store named after the show. The unofficial Squid Game app, one among many of its kind, has been found to be filled with malware. What is even more scary is the fact that the app has already been downloaded by over 5,000 users from the Play Store.

The malicious app named Squid Game Wallpaper by XEXO studios was first discovered by Twitter user @ReBensk, who shared the finding in a tweet marking several cybersecurity experts. Soon after, Lukas Stefanko, a malware researcher at ESET shared an update on the app, confirming it to be ridden by the known malware Joker.

In his tweet, Stefanko explained that the app was able to download and execute native libraries on the target device, which basically contain codes that a developer wrote for a specific computer architecture. These native libraries then download and executes apk payload on the target device.

(Image: Twitter/ Lukas Stefanko)

Stefanko further warned that running the app on the device may result in "malicious ad-fraud and/or unwanted SMS subscription actions." The ill-effect has been observed with previous such apps riddled with Joker malware. The malware hidden under the Squid Game banner is the first such of its kind.

The app has been removed from the Play Store since the discovery. Users who had already downloaded the app and were using it have been advised to uninstall it immediately.

The finding is a shining example of how apps of unverified origins can potentially be harmful for your device. The Joker malware has had a notorious past with Android apps on Google Play Store and its resurgence with the Squid Game wallpaper app only shows that threat actors are still looking for new ways of using it to target gullible victims. As a golden rule against such risks, make sure that the apps you download on your phone are from verified origins and have a strong and trustworthy background.