Judy- a malware infected millions of Android Devices

Audrey Hill
May 30, 2017

After the WannaCry attack on more than 200,000 computers, a new malware has emerged in the world of Android smartphones. The malware produces false clicks from the infected systems to generate revenue from advertisements for the attackers. The apps were found to be from a Korean company, although a couple unrelated apps also had Judy malware installed in them.

The security firm CheckPoint has discovered the malware campaign on Google Play Store and has alerted Google as well.

According to cybersecurity firm Check Point, dozens of malicious apps have been downloaded between 4.5 million to 18.5 million times. Notably, Google removed the malicious apps from the Google Play store after Check Point notified it about the threat.

"Users can not rely on the official app stores for their safety, and should implement advanced security protections capable of detecting and blocking zero-day mobile malware", CheckPoint adds.

More news: Angels star Mike Trout jams left hand, leaves game at Miami
More news: French Open roundup from day one's action
More news: Senate Issues Two Subpoenas to Flynn's Businesses

After the download, the malware would set up a connection with the servers that delivers the malicious payload. These clicks essentially mean payment for the malware creator from original website developer. The company has been registered on Google Play Store as ENISTUDIO corp.

The company added that the oldest version of the fraudulent software dates back to April 2016, implying the racket had been earning money for its developers for at least a year without being detected.

After this, Judy opened the malicious URL that imitated a PC browser in a hidden web page. Dubbed "Judy", the auto-clicking adware was found on 41 apps developed by a Korean company, according to researchers. Also known as Judy, it makes people click on ads unwillingly to generate fraudulent revenue. It's quite scary actually, what Judy is and what it does and unlike many other malware on Android phones, this one actually spreads through Google's own play store. Google Play and Apple's App Store are the most secure way to download apps. More details on the malware and how it operates can be found in a blog post by Check Point. Around 36.5 million devices were infected by this malware. You also should try to get malware protection on your Android device. Google and Apple both have safety precautions in place that make it hard for a malicious app to get past. You just need a phone home that controls a server from the app downloaded by a user from the Play Store.

Other reports by MaliBehiribAe

Discuss This Article