Home » News » General » Judy malware found infecting nearly 36.5 million Android smartphones: Check Point research

Judy malware found infecting nearly 36.5 million Android smartphones: Check Point research

By Karthekayan Iyer | Updated on 13-Jun-2017
Judy malware found infecting nearly 36.5 million Android smartphones: Check Point research
Karthekayan Iyer Karthekayan Iyer
29 May 2017 11:15
HIGHLIGHTS

Judy malware has been found affecting 41 apps on Google Play Store and the search giant has started removing these infected apps.

Judy, a new malware, has been found infecting 41 apps on the Google Play Store. Discovered by Check Point researchers, the malware has affected between 8.5 million to 36.5 million Android smartphones. Google recently announced that there are over 2 billion active Android smartphones globally.

According to a report by Check Point researchers, Judy malware is an auto-clicking adware designed to generate revenues for its perpetrators by generating large amount of fraudulent clicks on advertisements. These malicious apps have been downloaded between 4.5 million and 18.5 million times and some of these apps have been on Play Store for several years. Check Point has reportedly alerted Google about the malware and the search giant has started removing these infected apps.

Check Point says, "Judy relies on the communication with its Command and Control server (C&C) for its operation." This makes it similar to FalseGuide and Skinner malwares that previously infiltrated Google Play.

Judy has been found bypassing Bouncer, a security service for the official Android app store. This allows hackers to create bridgehead apps and establish a connection with the victim's device. "Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server," Check Point noted. The malware has been found opening URLs controlled by the author on an imitated PC browser within a hidden webpage. The malware uses JavaScipt to locate and click on ads and the malware author receives payment from the website developer.

Security researchers note that most of these Judy malware infected apps have been developed by ENISTUDIO corp, a Google Play registered entity run by a Korean company named Kiniwini. The company develops apps for both Android and iOS platforms, and is found making illegimate use of the users' mobile devices for generating false clicks on advertisements. Google Play users have also reported that these apps display large amount of ads, leaving users with no option but to click on them.

While Google Play has been infected with multiple malwares in the past, the reach of Judy makes it a significant threat to Android users. Check Point researchers caution users of not just relying on the official app stores for their safety, and instead using advanced software protection tools capable of detecting such threats and blocking zero-day attacks.

Karthekayan Iyer

Karthekayan Iyer

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo