Great Moto G Stylus deal on Amazon!

Judy, Judy, Judy; Malware affects as many as 36.5 million Android devices

By
33comments
Android Apps
Judy, Judy, Judy; Malware affects as many as 36.5 million Android devices
Last week, researchers at Check Point discovered malware called "Judy" that could have infected as many as 36.5 million Android devices. The auto-clicking adware generates large numbers of fraudulent clicks on ads, resulting in large sums being paid to the hackers behind the operation. The malware was found on 41 apps offered by a Korean firm, and quickly spread between 4.5 million and 18.5 million downloads.

The interesting thing is that many of these apps had been listed in the Google Play Store for years, but all of them had recently been updated. Check Point also discovered a few apps written by other developers that contained the same malware. It isn't known what the connection is between the different developers, and if the malware was knowingly or accidentally spread.

The apps containing the malware are developed by a company from Korea named Kiniwini, using the name of ENISTUDIO corp. on the Google Play Store. For its part, Google has already removed the malicious apps from the Play Store. The apps listed by Kiniwini all included the name Judy in the title, which explains how the malware received its name. It should be pointed out that Kiniwini also develops apps for the Apple App Store.
 
"To bypass Bouncer, Google Play’s protection, the hackers create a seemingly benign bridgehead app, meant to establish connection to the victim’s device, and insert it into the app store. Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server. The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure...Upon clicking the ads, the malware author receives payment from the website developer, which pays for the illegitimate clicks and traffic."-Check Point

If you have any of these apps on your phone or tablet, make sure that you delete them immediately.

Recommended Stories

source: CheckPoint via BGR
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile is now going to dictate where you can use its 5G internet
T-Mobile is now going to dictate where you can use its 5G internet
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon

Latest News

T-Mobile confirms major 5G network upgrades in Louisiana
T-Mobile confirms major 5G network upgrades in Louisiana
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
AT&T's first kid-friendly tablet is here with a fun design and great price
AT&T's first kid-friendly tablet is here with a fun design and great price
LeBron James may have leaked Apple's next big Beats product
LeBron James may have leaked Apple's next big Beats product
FCC OKs Cingular\'s purchase of AT&T Wireless