Android Malware 'Judy' hits more than 36.5 Million Devices

The auto clicking malware 'Judy' hits upto 36.5 million android devices generating fraudulent revenue for hackers.

According to a research by the security firm Checkpoint, a new malware is in the market named as Judy and has infected up to 36.5 million Android devices. Developed by Korea-based company Kiniwini and published under the moniker ENISTUDIO Corp, this auto clicking malware is found on 41 applications in the Google Play store and has been in the Google Play for more than a year.

Android Judy Overview.jpeg

"The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it." says Checkpoint.

When a user downloads the application from Google Play Store embedded with Judy, it makes the device hostile and starts to make fake advertisement clicks to generate money for the application developers.

Judy Malware Android

When Checkpoint informed this malware threat to Google, the infecting applications were swiftly removed, but not after the malicious apps reached between 4.5 million and 18.5 million downloads.
Malware Judy is compared with previous malware which infiltrated Google Play, such as FalseGuide and Skinner.

Judy affects your device when hackers make a seemingly harmless app to bypass Bouncer, Google Play’s protection and then get published in the Play Store. When a user downloads the app, it becomes infected and acts as a bridge between the targeted user and the malicious content.

The Checkpoint says "Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server. The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string, and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden web page and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure".

Judy is possibly one of the largest malware campaigns found on Google Play Store and the number of devices infected are still unknown. The checkpoint is of the view that, users can't rely on official app stores and recommends to implement advanced security protections capable of detecting and blocking mobile malware.

Written by .
Last updated on 29-05-2017. Published on 29-05-2017.
Published by Mobiles4Sale in category News
Rate this News :
3.7/5 (6 votes)
Latest Comments. Share Your Opinion
What's wrong with this Korean people..?? Is there any hidden agenda..?
By on 29-05-2017
No hidden agenda. Just money i guess.
By on 01-06-2017
Add Your Comment


5126 Enter the numbers here: