The researchers found that analysis, clowns Trojans not only using a variety of techniques to avoid static analysis, but also command and control servers associated with the hacker, take orders or upload stolen information. In addition, the program code Joker has special settings can be country-specific (including, but not limited to, Australia, France, Germany, India, UK and USA) Android users set targets.
Trojans will decide whether to attack SIM card according to the area code of the target device. "Most applications were found to have additional checks, which will ensure that the load does not perform in the United States or Canada is running."
Currently, Google has removed all the affected application.