'Judy' Malware infects more than 36.5 million Android users

29 May 2017 | By Shikha Chaudhry
Of malwares affecting the Android apps!

A new malware called "Judy" has made its way to the Google Play Store and has infected between 8.5-36.5 million users, says research firm Checkpoint.

Checkpoint upon discovery alerted Google, which has started to remove the apps that have been infected.

According to reports, these infected apps were present in the Google Play Store for more than a year.

Here's all about it.

In context: Of malwares affecting the Android apps!

29 May 2017'Judy' Malware infects more than 36.5 million Android users

Click BaitsClick baits present in more than 41 apps

Checkpoint in its blog said, "It is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it."

The firm is not certain on how long the malicious code was present inside the apps; therefore exact extent can't be determined.

Love Tech news?
Stay updated with the latest happenings.
How did "Judy" work?

HowHow did "Judy" work?

The infected apps were present in the Play Store under the garb of casual cooking and fashion games under the "Judy" brand and its malicious activities didn't come under the radar as the malicious code was downloaded from a non-Google server after the games were installed in the phone.

The infected phone would incessantly click on Google Ads, generating revenue for its attacker.

MeasuresStringent measures should be taken

The fact that a malware like "Judy" went undetected of the Google Play raises serious questions on the security measures taken by the Internet giant to safeguard its Android Operating System.

With no intention to fuel the age-old Android vs. iOS debate, the fact that Android allows more freedom to its developers, sometimes becomes a crutch rather than a helping hand.

Extent of damageHow it became so widespread

Checkpoint discovered that other developers who borrowed code from this "Judy" line of games, knowingly or unknowingly also ended up with the malware.

Checkpoint notes, "The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time ... These apps also had a large amount of downloads between 4 and 18 million."