Home Created by potrace 1.16, written by Peter Selinger 2001-2019Tech and auto  Created by potrace 1.16, written by Peter Selinger 2001-2019Tech news  Created by potrace 1.16, written by Peter Selinger 2001-2019Judy Malware: Not As Big As WannaCry But Still a Threat on Android

Judy Malware: Not As Big As WannaCry But Still a Threat on Android

Apps infected with Judy have been reported to be present on Google Play Store for years now. 

S Aadeetya
Tech News
Published:
Threat of malware for Android phones is back in the news. (Photo: iStock)
i
Threat of malware for Android phones is back in the news. (Photo: iStock)
null

advertisement

Now that the WannaCry ransomware threat for Windows PCs has subsided, there’s a new threat in town, and this time the target is millions of Android phones used across the globe. Judy malware has been detected on the Google Play Store by security experts, with over 18 million app downloads estimated to carry the malware.

They believe that the Judy malware, camouflaged as apps, has been residing in the Google Play Store for many years now. But as things stand, Google has taken off the infected apps from the Play Store.

Judy < WannaCry

When it comes to the level of threat posed by Judy, the malware is less of a threat compared to the WannaCry ransomware, which locked the data on millions of Windows PC earlier this month. Here’s what Judy malware does to your Android phone, as highlighted by Check Point, the guys who found Judy in the first place.

The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it &nbsp;
Check Point blog

According to them, the malicious apps with Judy have been downloaded by 18.5 million users.

ADVERTISEMENT
ADVERTISEMENT
This is how the biggest threat of Judy looks like. (Photo Courtesy: Check Point)

What The Threat is Like

As pointed out by Check Point, Judy doesn’t seem to be stealing information from devices (that would have been a travesty). Instead, it helps the perpetrators earn money by intruding Google Ads platform, and clicking ads on your behalf.

Some of the apps infected with Judy. (Photo Courtesy: Check Point)
The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure. Upon clicking the ads, the malware author receives payment from the website developer, that pays for the illegitimate clicks and traffic.
Check Point

Not sure how many of you would be bothered by the how, and would probably be keen to know who’s behind it, and how you can prevent. Luckily we have answers to both of them.

The malicious apps are all developed by a Korean company named Kiniwini, registered on Google Play as ENISTUDIO corp.&nbsp;
Check Point

The security firm has suggested users that instead of tracking all the apps they download, they would be better served by fool-proofing the phones which can prevent them from getting hit by mobile malware.

Google claims to have updated Bouncer protection for apps feature on Android. Android always faces big threats from malware, adware and viruses.

Google is doing its best to reduce such instances, but as a user, we need to stay vigil, be sensible with the kind of apps we download, and keep our devices secure in every possible manner.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT