Google kills massive Android malware campaign that infiltrated Play Store

by Edgar Hayes May 30, 2017, 5:42
Google kills massive Android malware campaign that infiltrated Play Store

According to a report by researchers of Check Point, Judy malware is an auto-clicking adware created to bring about revenues for its perpetrators by generating a lot of fraudulent clicks on advertisements.

In fact, one of these apps containing the malware were available on Google Play Store for over a year. The malware was found on 41 apps offered by a Korean firm, and quickly spread between 4.5 million and 18.5 million downloads. It's probably best to not take high ratings at face value in light of the malware's spread, given that numerous apps in question got positive feedback from several people.

"Users can not rely on the official app stores for their safety, and should implement advanced security protections capable of detecting and blocking zero-day mobile malware", CheckPoint adds.

Once the ad gets a click, the malware author receives payment from the website developer.

According to Google, just 0.16 percent of all apps on the Play store are malicious. According to online reports, Google has begun pulling out infected apps. The malware then opens the URLs, which imitates the infected device as a PC browser and is used to launch the targeted website.

"The entire ecosystem of free mobile OS is built around generating advertising revenues, and the operating systems grants apps with certain privileges to display these ads", Amit Jaju, executive director, Fraud Investigation and Dispute Services, EY India, said in a statement. As Checkpoint, "The malware, dubbed "Judy", is an auto-clicking adware which was found on 41 apps developed by a Korean company". It's quite scary actually, what Judy is and what it does and unlike many other malware on Android phones, this one actually spreads through Google's own play store.

A notorious adware named Judy had managed to break Google Play Store's security mechanism, affecting about 36.5 million users.

There's a new piece of Android malware on the loose and it's a doozy. The apps have been downloaded by unwitting users at least 36 million times, and Check Point estimated that Enistudio was making about $300,000 per month from the fraudulent ad clicks. Meanwhile, Google has started removing many infected apps from the Play Store. Google's system is supposed to work extensively to automatically detect malwares and apps that can pose can risk to the users.

While now removed by Google, the apps were downloaded between 4.5 million and 18.5 million times before being taken down.


TOP News

Turkish president watches as his security detail beat up protesters in Washington

Iraqi troops push for last ISIL holdouts in Mosul

Cher and other celebs remember Gregg Allman

Jared Kushner discussed creating secret communications channel with Moscow

GUJCET Result 2017 declared today @ gseb.org

Ariana Grande's manager pays tribute to Manchester victims

Jamie Foxx under fire for mocking sign language on 'Fallon'

Trump aides keep mum on Kushner-Russia reports

White Sox RHP Gonzalez allows first baserunner in seventh

Lue: Cavs' Irving feeling 'good' after Game 4 ankle injury