Judy Malware Infects Over 30 Million Android Users Worldwide*

Judy Malware Infects Over 30 Million Android Users Worldwide*

An application masked as an adware infected over thirty million Android devices

More than thirty million Android users might be infected with an adware that has been on Google’s Play Store for many years.

Again, thanks to security experts at Check Point they were able to discover the malware, naming it Judy. The malware was discovered in more than forty applications that were all linked to a single Korean company named ENISTUDIO.

Image Source: Check Point – A malicious Judy app on Google Play

 

Even though Google has removed the infected applications from its store, the damage already done casts no doubt on the efficacy of the adware it spread through the application and by bypassing Google Play’s security screening system, Bouncer.

According to the report published by Check Point, for an infected application to bypass Bouncer protection, the application creates a bridge between a server and the device it was installed on – like many applications out there – which is why it remained undetected for so many years.

Image Source: Check Point – Searching for iframes containing Google ads.

 

Once the application is downloaded from Google Play Store it pings the server and registers the target. From there the command and control server replies to the application with the malicious code that is made up of JavaScript, along with different variables and strings and URL’s that are all controlled by the server.

The malicious code then fills the device with advertisements, many of them are click-adverts, meaning they interact with the spam advertisements to get back to their home screen, and these click-advertisements then make the hackers their money.

Image Source: Check Point – Comments made by suspicious users

.

Be aware, it is not only the Korean company that is making these applications. Reports from a more recent discovery show that there are other developers following the same trend; more than forty-five applications were discovered on Play Store using the same two-step tactic. Users are fooled into downloading the applications and then once done, the server would send the payload of malicious code to the user’s phone.

It is applications like Judy that highlight a very important message for users: always check the information on applications before downloading them. Good ratings do help to know if the application is safe. There were others saying that these applications had tremendous advertisements that Judy was generating.

This is just one example discovered. In time, security researchers will develop different tricks to see how hackers fool us. We recommend using a paid anti-virus service for your smart device and keeping it up to date with all the latest security updates.

Anonymous recommends: Click Here To Surf & Download Anonymously, Protect Yourself From Any Hackers Or Spy Agencies And Get Around Censorship Filters

Source*

Related Topics:

Leaked NSA Malware Is Helping Hijack Computers around the World*

Man who Accidentally Saved the World from the Hack Failed his IT GCSE*

School-issued Devices Allow the Feds to Spy on Everything Students have ever Done*

Adobe Acrobat Reader DC Security Update Installs Chrome Spyware*

Judge Orders DOJ to Release Files on Secret Spying Program ‘Project Hemisphere’*

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s