Android Judy Malware that Infected up to 36.5 Million Devices

Yet another malicious campaign has been found on Google Play, and it has infected thousands of Android devices. ‘Judy’ is adware that generates fraudulent ad clicks, which in turn bring its creator huge revenue from the web developer. Once a device is affected, it produces false clicks. It has been noticed, and is believed, that almost 41 apps are spreading this malware.

It was also found that other developers had published many apps containing the malware on Google Play. The malware appears to have been on Google Play for some time.

A couple of weeks back, millions of computers were hit by ‘WannaCry’, and more than 200,000 cases were reported. Before that could be sorted out, there was another attack on the computers. The report from Check Point states that the malware is called ‘Judy’ and that the 41 apps spreading this malicious code were developed by the Korea-based Kiniwini and published under ENISTUDIO Corp. It is speculated that the malware was downloaded on around 18.5 million devices. Further 36.5 million may be affected by it.

The question here is how it could get into Google Play despite the ‘security bound’ the store has. The fraudulent apps simply act as a bridge between the user’s device and the ad server. Once the connection is established, the malware imitates a PC browser and opens a page for clicks.

Once the app is downloaded, it sets up a connection with the command and control server, which delivers the actual malicious payload. The payload includes JavaScript code, a user-agent string and URLs, all controlled by the creator of the malware.

The URLs then open the targeted website, and the code is used to click on banners from the Google ads infrastructure. It finds ads by searching for iframes that contain ads from the Google ads infrastructure.
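A defensive check built on the behaviour described above, where an infected phone presents a PC browser user-agent: this added example (not from the Check Point report or the original article) flags devices that the inventory lists as Android but that repeatedly send desktop User-Agent headers. The log layout, device names, hosts, user-agent strings and threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

ANDROID_UA = ("Mozilla/5.0 (Linux; Android 6.0; Nexus 5) AppleWebKit/537.36 "
              "Chrome/58.0 Mobile Safari/537.36")
DESKTOP_UA = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "Chrome/58.0 Safari/537.36")

# Constructed proxy log (not real traffic), tab-separated:
# device id, OS from the device inventory, destination host, User-Agent
SAMPLE_LOG = "\n".join("\t".join(rec) for rec in [
    ("phone-01", "android", "cdn.example", ANDROID_UA),
    ("phone-01", "android", "site-a.example", DESKTOP_UA),
    ("phone-01", "android", "site-b.example", DESKTOP_UA),
    ("phone-01", "android", "site-a.example", DESKTOP_UA),
    ("phone-02", "android", "news.example", ANDROID_UA),
    ("phone-03", "android", "bank.example", DESKTOP_UA),   # one-off "desktop site" view
    ("laptop-07", "windows", "site-a.example", DESKTOP_UA),  # genuine desktop
])

DESKTOP_MARKERS = ("Windows NT", "Macintosh", "X11;")


def is_desktop_ua(user_agent):
    """True when the header claims a desktop browser and never mentions Android."""
    return "Android" not in user_agent and any(
        marker in user_agent for marker in DESKTOP_MARKERS)


def find_ua_mismatch(log_text, min_hits=3):
    """Return {device: sorted hosts} for Android devices sending desktop UAs.

    min_hits suppresses the occasional legitimate "request desktop site" view.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 4:          # skip malformed records
            continue
        device, inventory_os, host, user_agent = fields
        if inventory_os.lower() == "android" and is_desktop_ua(user_agent):
            hits[device].append(host)
    return {dev: sorted(set(hosts))
            for dev, hosts in hits.items() if len(hosts) >= min_hits}


if __name__ == "__main__":
    for device, hosts in find_ua_mismatch(SAMPLE_LOG).items():
        print(f"{device}: desktop User-Agent from an Android device -> {hosts}")
```

A hit is a lead for investigation rather than proof of infection, since some mobile browsers can be set to request desktop pages permanently.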

The solution here is to check the list of apps published by Check Point, so as not to get caught by the malware. Google has, however, removed the malicious apps and has updated its Bouncer protection, the mechanism that identifies or scans the apps.

Written by Meenakshi Vanidasan