Categories: Technology

Malware called Judy to infect 36.5 million Android phone users

More than 41 applications in Google Play Store were discovered to be infected by a new malware named Judy. Researchers have estimated that over 8.5 million users were infected before the malware was discovered and that this number might even go as high as 36.5 million. These reports came from the security company called Checkpoint, which is also the firm that discovered this malware. The firm informed Google immediately after, and all of the known applications were removed from the Play Store soon after.

Checkpoint’s blog post claims that this is one of the so-called ‘auto-clicking adware’, and it’s suspected that the developers of the malware are from South Korea.

The name of the company that’s suspected to be involved is Kiniwini and their name in the Play Store is ENISTUDIO corp. The company is known to create applications for both iOS and Android. According to the researchers, the auto-clocking adware would use the phones to create fake clicks on online ads so that the creators of the ads could benefit from them. The apps themselves seem to be ‘living’ on Google Play Store for a long time now, undetected.

This same malware was also found on other apps, created by other companies. Checkpoint has also noted that it seems like the malware was surviving in the Play Store from April 2016, which means that Google managed to oversee another big malware.

So, what does the malware do, exactly? Well, the general idea is that it’ll automatically click on the ads, and therefore boost the revenue for the companies that have posted them. After you download the app from the Play Store, the malware sets up a connection to the Control and Command Server, which wasn’t on Google’s servers, which is probably why the malware managed to remain undetected for so long. It would then download the malicious payload.

This is a proof of how unsafe the Play Store really can be, and so the customers should take great caution while downloading apps. Google’s team does as much as they can to find the malware that has managed to sneak through their defenses, but even they can’t find all of it, and Judy is the proof enough.

Sponsored
Ali Leghari

Share
Published by
Ali Leghari

Recent Posts

VPN Ban Could Cost Pakistan’s IT Industry $1 Billion, Warns P@SHA

The Pakistan Software Houses Association (P@SHA) has raised alarms about the severe impact of the…

9 hours ago

WhatsApp Trials Group Chat Mentions in the Latest Status Update Feature

WhatsApp is rolling out a new feature in its latest Android beta version, allowing users…

9 hours ago

PTA Chairman Confirms No Orders for Mobile Service Shutdown

ISLAMABAD: Chairman of the Pakistan Telecommunication Authority (PTA), Major General (retd) Hafeez-ur-Rehman, confirmed that no…

10 hours ago

35,000 Students to Receive Free Laptops Under Punjab Government Scheme

Punjab Chief Minister Maryam Nawaz Sharif has announced the launch of a new initiative aimed…

10 hours ago

Meta Introduces New Features to Messenger: AI Backgrounds, HD Video Calls, and More

Meta has unveiled a set of new features for Facebook Messenger, designed to improve call…

12 hours ago

PTA Seeks Stakeholder Input on VPN Registration

Islamabad (21st November 2024): PTA hosted a stakeholder consultation on VPN registration, with key participants…

13 hours ago