Recommended

Android Security News: Auto-Clicking Judy Malware Plagues Google Play Store

It was recently revealed that an auto-clicking malware called "Judy" has been plaguing Android users through several apps found on Google Play Store.

IT security company Check Point shared information that they have found malware on at least 41 apps from a Korean company named Kiniwini and is registered as ENISTUDIO Corp. on Google Play Store. Through the infected apps, this kind of malware (also specifically referred to as adware) makes the device auto-click advertisements to generate income for the hackers.

The adware was named Judy probably because the 41 infected apps from the Korean developer were all releases under a franchise of Judy-titled games such as "Animal Judy: Dragon Care," "Fashion Judy: Wedding Party," "Chef Judy: Triangular Kimbap," "Judy's Spa Salon" and more, which have recorded an accumulated download of 4.5 million to 18.5 million.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Meanwhile, Check Point was not able to determine just how long the Judy-titled apps have been carrying the adware. However, the IT security company have also learned that there was a second malware-spreading campaign that used the same kind of adware.

"We also found several apps containing the malware, which were developed by other developers on Google Play. ... The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected," Check Point further explained.

Check Point speculated that either of the hackers responsible for both campaigns might have shared the malware's code ""knowingly or unknowingly."

The apps infected by the second campaign are believed to have been downloaded for at least 4 to 18 million times and this makes the number of devices infected by the Judy adware go up to 8.5 million and 36.5 million. With that, Check Point believes that this is one of the largest malware campaigns to ever happen on Google Play Store.

The Judy malware was able to carry out its purpose by exploiting Google Play's protection called Bouncer. The hackers were able to bypass this and connect the device to a Command and Control server that operates the malware.

"After Check Point notified Google about this threat, the apps were swiftly removed from the Play store," the IT security company said.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.