Judy, Judy, Judy; Malware affects as many as 36.5 million Android devices
Last week, researchers at Check Point discovered malware called "Judy" that could have infected as many as 36.5 million Android devices. The auto-clicking adware generates large numbers of fraudulent clicks on ads, resulting in large sums being paid to the hackers behind the operation. The malware was found in 41 apps offered by a Korean firm and spread quickly, reaching between 4.5 million and 18.5 million downloads.
The interesting thing is that many of these apps had been listed in the Google Play Store for years, but all of them had recently been updated. Check Point also discovered a few apps written by other developers that contained the same malware. It isn't known what the connection is between the different developers, or whether the malware was spread knowingly or accidentally.
The apps containing the malware were developed by a Korean company named Kiniwini, which publishes on the Google Play Store under the name ENISTUDIO corp. For its part, Google has already removed the malicious apps from the Play Store. The apps listed by Kiniwini all included the name Judy in the title, which explains how the malware received its name. It should be pointed out that Kiniwini also develops apps for the Apple App Store.
If you have any of these apps on your phone or tablet, make sure that you delete them immediately.
source: CheckPoint via BGR
"To bypass Bouncer, Google Play’s protection, the hackers create a seemingly benign bridgehead app, meant to establish connection to the victim’s device, and insert it into the app store. Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server. The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure... Upon clicking the ads, the malware author receives payment from the website developer, which pays for the illegitimate clicks and traffic." - Check Point