• Home
  • Apps
  • Apps News
  • Judy Malware Affected Up to 36.5 Million Android Users via Google Play, Says Check Point

Judy Malware Affected Up to 36.5 Million Android Users via Google Play, Says Check Point

Share on Facebook Tweet Share Reddit Comment
Judy Malware Affected Up to 36.5 Million Android Users via Google Play, Says Check Point
Highlights
  • Check Point reported over 41 apps with auto-clicking adware
  • Google has removed the malicious apps from Play store
  • Researchers claim malware has infected 36.5 million devices

Researchers at Check Point, which recently reported malicious subtitles, have now reported a new malware campaign on Google Play. Dubbed 'Judy', the auto-clicking adware was found on 41 apps developed by a Korean company, according to researchers.

The malware used infected devices to generate fraudulent clicks on advertisements for generating revenues. Researchers claim that the 'Judy' malware has affected between 8.5 million and 36.5 million Android devices as the malicious apps saw downloads between 4.5 million and 18.5 million. Notably, Google removed the malicious apps from the Google Play store after Check Point notified it about the threat.

"Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown," writes Check Point team talking about the Judy malware.

Researchers also found several apps containing Judy malware developed by other developers on Google Play. Though, any connection between the two malware campaigns couldn't be established. "The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly," adds the team.

Check Point reported that the oldest app in the second campaign from other developers were last updated in April 2016 which means that the "malicious code hid for a long time on the Play store undetected."

Researchers also add that similar to previously reported malicious apps like FalseGuide, Judy also relies on the communication with its Command and Control server (C&C) for its operation.

Check Point last month reported FalseGuide botnet malware which infected millions of Android devices via Google Play, and which was hidden in over 40 guide apps for games in Google Play.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Ketan Pratap Ketan Pratap cover&nbspdaily news and rumours at Gadgets 360. He attended IIMC (Indian Institute of Mass Communication), majoring in English Journalism. Ketan is a determined dreamer who believes in the power of hard work. When not working, he loves to explore new cities. More
LG V30 May Feature a Slide-Out Secondary Display, Leaked Mockups Indicate
Acquisitions Accelerate as Tech Giants Seek to Build AI Smarts
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.