Judy malware infects millions of Android smartphones via Play Store, how to check if your smartphone is infected

A malicious campaign called “Judy” had wrapped up much of the Google Play Store and infected anywhere between 8.5 million and 36.5 million users. Check Point’s security research firm said it had discovered the malware after which it had alerted Google. Meanwhile, Google began to remove infected many applications from the Play Store. However, malware Judy got 4.5 to 18.5 million downloads in the Google Play Store. Check Point posted a blog on the subject, which says Judy Malware is an “automatic click of advertising programs.” This essentially means that pirates put money by creating clicks on fake ads after infecting smartphones. The research firm has identified certain applications developed by a company based in South Korea.
The researchers said that the name of the South Korean company is Kinikini and was mentioned in the Google Play Store as ENISTUDIO Corp and is said to develop applications for Android, iOS. The malicious software or automatic click user essentially uses infected devices to create false clicks on ads and, in turn, generates revenue for the one behind this cyber crime. Check Point wrote in its blog post: “Malicious applications have achieved a surprising gap between 4.5 million and 18.5 million downloads. Some of the applications that we have discovered in Google Play for several years, but all have recently updated. “The researchers said they found many other applications containing malware, the Google Play Store. Curiously, they were developed by other companies. According to the checkpoint, the program has operated in an application since April 2016. This essentially means that it had managed to hide the Google review for over a year Judy malware works like this: .. creates false clicks on ads, and Ultimately increases the revenue of these companies basically Judy malware manages to escape the Google Play Store and protection software against hackers could create an “apparently benign applications bridgehead to establish a connection to the device Of the victim, and inserts it into the application store. ” Once you download the application, a connection is established with the control server and control. This furnace server defines the actual malicious load. The wrong program includes “JavaScript, a user agent string and URL controlled by the malware author,” says the checkpoint.

Leave a Reply

Your email address will not be published. Required fields are marked *