Judy Android Malware: From the Play Store to 36.5 Mill Android Devices

Judy Malware: Οι ερευνητές ασφαλείας της Checkpoint ισχυρίζονται ότι ανακάλυψαν ενδεχομένως τη μεγαλύτερη καμπάνια malware στο Google Play Store, από την οποία έχουν ήδη μολυνθεί περίπου 36,5 εκατομμύρια συσκευές Android με λογισμικό ad-click.

Checkpoint blogged over 41 Android apps from a Korean company on the Google Play Store that are reportedly earning for their creators by generating fake ad clicks from the infected devices.Judy Android Malware

All malicious applications, developed by Korea-based Kiniwini, were released under the name ENISTUDIO Corp and contained an adware program called "Judy" by researchers. Judy, as we mentioned earlier, was used to generate false clicks aimed at generating advertising revenue.

In addition, researchers also uncovered some other apps, which were published by other developers in the Google Play Store, and inexplicably contain the malware itself.

The connection between the two campaigns remains unclear, although researchers believe it is possible that one developer borrowed the from the other, "knowingly or unknowingly".

"It is very unusual to find an organization behind a malware campaign, as most of them are developed purely by malicious (standalone) users," say CheckPoint researchers.

Apps available on the Play Store do not contain malicious code to bypass Google Bouncer protection.

Once downloaded and installed though, the app implicitly registers the user's device to a remote server και σαν απάντηση λαμβάνει το πραγματικό κακόβουλο φορτίο (Judy Android Malware) που περιέχει ένα JavaScript που ξεκινά την malicious .

The malicious apps appear to be actually legitimate α, αλλά στο παρασκήνιο λειτουργούν σαν γέφυρα για τη σύνδεση της συσκευής του θύματος με τον διακομιστή adware.

Once the connection is established, malicious applications corrupt the user agents of the browser to "play" the browser to open pages and generate clicks.

The following is a list of malicious applications developed by Kiniwini (click on "Malicious Applications" to open the list). If you have any of these installed on your device, remove it immediately:

Malicious Applications
  • Fashion Judy: Snow Queen Style
  • Judy: Persian cat care
  • Fashion Judy: Pretty rapper
  • Fashion Judy: Teacher style
  • Animal Judy: Dragon who
  • Chef Judy: Halloween Cookies
  • Fashion Judy: Wedding Party
  • Animal Judy: Teddy Bear who
  • Fashion Judy: Bunny Girl Style
  • Fashion Judy: Frozen Princess
  • Chef Judy: Triangular Kimbap
  • Chef Judy: Udong Maker - Cook
  • Fashion Judy: Uniform style
  • Animal Judy: Rabbit care
  • Fashion Judy: Vampire style
  • Animal Judy: Nine-Tailed Fox
  • Chef Judy: Jelly Maker - Cook
  • Chef Judy: Chicken Maker
  • Animal Judy: Sea otter care
  • Animal Judy: Elephant care
  • Judy's Happy House
  • Chef Judy: Hotdog Maker - Cook
  • Chef Judy: Birthday Food Maker
  • Fashion Judy: Wedding day
  • Fashion Judy: Waitress style
  • Chef Judy: Character Lunch
  • Chef Judy: Picnic Lunch Maker
  • Animal Judy: Rudolph who
  • Judy's Hospital: Pediatrics
  • Fashion Judy: Country Style
  • Animal Judy: Feral Cat who
  • Fashion Judy: Twice Style
  • Fashion Judy: Myth Style
  • Animal Judy: Fennec Fox who
  • Animal Judy: Dog Care
  • Fashion Judy: Couple Style
  • Animal Judy: Cat care
  • Fashion Judy: Halloween Style
  • Fashion Judy: EXO Style
  • Chef Judy: Dalgona Maker
  • Chef Judy: ServiceStation Food
  • Judy's Spa Salon

Google has already removed the above apps containing Judy Android Malware from the Play Store, but since Google Bouncer did not recognize them as a malicious thing at the outset, it would be to watch what you downloaded.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog via

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).