Over 36.5 million Android users get infected by Judy Malware

A new malware named ‘Judy’ has been found in over 41 apps on the Google Play Store, and it has infected between 8.5 million to 36.5 million users. This is according to a report from security research firm Check Point, which discovered the malware and alerted Google. The search giant has started removing these infected apps from the Play Store.

According to researchers from Check Point, the apps were available on the Play Store for years, but have been clean and virus-free for most of the time. It appears that starting with April 2016, the apps were slowly updated with malicious code.

The purpose of this code was to launch a browser app, load an URL, and use JavaScript to locate and click on specific banners that would bring profits to the malware’s creators. Check Point blog reports that Judy Malware is “auto-clicking adware,” and the firm spotted tapps developed by a company based in South Korea. The blog post notes, “The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated.

Furthermore, besides the hidden ad-clicking activity, the operators of the Judy malware used it to insert intrusive ads in other apps, almost to the point that users had no possibility of viewing or interacting with the original app’s content.

Despite apps going through periodic reviews, Google‘s Play Store security system, named Bouncer, wasn’t able to pick up the malware’s malicious activity.

 

Related posts

Leave a Comment