Checkpoint, a security firm, announced on Thursday that the firm discovered an Android malware, dubbed as “Judy,” that possibly infected more than 36 million Android devices before it was taken down by Google.
According to the security firm, the malicious software was hidden in over 40 apps that have the “Judy” brand in its titles. Such apps included “Fashion Judy: Pretty Rapper,” “Chef Judy: Halloween Cookies,” “Animal Judy: Teddy Bear Care,” and “Fashion Judy: Wedding Day,” just to name a few. Basically, all apps that have the name “Judy” in it are infected.
All of these apps were taken down from the Google Play Store by the search giant.
What the malware 'Judy' does to devices
“Judy” is an ad-click software that brings revenue to its developers through Google’s pay-per-click feature.
Interestingly, the malware itself is not activated just by downloading the infected app. Instead, the malware only activates when the apps are installed.
Once installed, the malware is downloaded from a non-Google server, bypassing Google’s security. The apps then execute certain codes that automatically keep clicking on ads, earning developers millions in ad revenue. The malware doesn't seem to harm the device though, nor compromises any confidential user data, according to the security firm.
It is speculated that the developers behind the malware may have been earning $300,000 a month before Checkpoint discovered it.
In addition, the malware itself also displays ads and cannot be closed until the user clicks on them.
Who created the 'Judy' malware?
Apparently, a South Korean firm called ENISTUDIO is behind the malware.
The company developed the games with the malware installed and went undetected by Google’s security software.
However, there are other versions of similar attacks found on several apps from different publishers, according to reports.
This is not the first time a malware was able to hide on the Play Store which points out the vulnerability of Google compared to a much secure operating system of Apple.
Just recently, a much harmful malware was discovered in media players for Android such as VLC player that allows hackers to take full control of the Android device.
Are you one of those who downloaded one of the “Judy” games infected by the malware? Write your thoughts in the comment section down below and don’t forget to like and share this article.