Security research firm Check Point has discovered a new malware named �Judy� which was found in over 41 apps on the Google Play Store. After being alerted, Google has started removing these infected apps from the Play Store.
However, �Judy Malware� infected apps have already reached over 4.5 million to 18.5 million downloads on the Google Play Store. Some of the apps were residing on Google Play for several years, but all were recently updated. According to Check Point, Judy Malware is �auto-clicking adware,� and the firm spotted that the apps were developed by a company in South Korea.
The company�s name is Kiniwini and apps were published under the moniker ENISTUDIO corp., as per the report. The auto-clicking adware would use the infected devices to create false clicks on ads and thus generate revenue for the publisher.
The researchers have found that other apps on the Google Play Store also contain the malware which was developed by other companies. The research firm says that code was present in an app since April 2016 and managed to escape Google�s scrutiny for nearly a year.
Judy malware is to create false clicks on ads for boosting the revenue of these companies. How the Judy malware evaded Google Play Store�s protection is unknown.
The firm explains that when the app is downloaded, it sets up a connection with the Control and Command server, which will deliver the actual malicious payload. The malware opens the URLs, which imitates the infected device as a PC browser and is used to launch the targeted website. Then find ads by looking for iframes, which have ads from Google AdSense.
So far, there is no evidence of any data being compromised on the infected devices. This is not the first time and many previous instances where malware like these have successfully cleared Google’s screening process.
Users must be careful here after while downloading any app. In order to protect themselves from malware, users must read all the user reviews and check for any suspicious behavior of the applications before downloading any apps. And also, must keep the system updated with the latest software and security patch. If possible, users must use the VPN services which will keep them safe online. Some worthy antivirus program also would be useful.
Google keeps on taking security measures, for instance, Play Protect was recently announced by Google during the annual developer conference and is meant safeguard users from malicious and dangerous apps. Play Protect will be built into every device with Google Play which automatically takes action to keep users� devices safe. Google have said that it scans more than 50 billion apps every day, and taking all steps to protect users.