Around 36 million Android devices could have been infected with Judy malware, which is an ad-click malware, according to a security firm.
According to media reports, the security company Checkpoint wrote last week that they have found more than ten kinds of dangerous Android applications, which can use malicious advertising software to infect users. The malware does not get people’s attention, and some apps had had it for a year! At present, around 36.5 million users of mobile phones have been affected. Check Point’s researchers said that they found the malware Judy on around 50 applications on the Google’s Play Store. Google has taken note of the situation. At present, Google has removed the applications with malicious code.
Also Read: Virus containing USB sticks have been posted in homes
How Judy Malware Works
These malicious applications mainly include a series of casual cooking and fashion games. These applications are installed after the malicious program is downloaded through a non-Google server. The apps have a code that transmits the infected phones to a target webpage. Fraudulent clicks are generated on the website’s advertisements so that creators can make money.
Also Read: WannaCry Ransomware Attack – All you need to know
As many as 40 of the applications came from the South Korean developer, Kiniwini, that publishes games on the Play Store using the name Enistudio. All the games have a character called Judy. They have been downloaded somewhere between 4 million and 18 million times. Some apps from other developers also had this malicious code. Checkpoint said that intentionally or unintentionally the code was borrowed. Check Point does not know how long the malicious versions of the applications have been around, but they Judy games were last updated in March this year.
Also Read: Everything You Need To Know About Windows 10 S
Earlier, a research team at the Brunswick University of Technology released a shocking report showing that 234 Android apps were embedded in the SilverPush code, which could collect ultrasonic signals embedded in media or beacons. The Android device, which embeds SilverPush code, can monitor the sound source from the user’s device or the external audio source from the device microphone, that is, listen to the user’s surrounding sound. “This side channel attack can allow lawless elements to confirm the current location of a user, monitor her TV viewing habits, or connect her different mobile devices together.” However, even worrying is the fact that this embedded SilverPush code Android application is not an individual phenomenon. The study found that up to 234 Android applications can have this code without the user knowing. It collects the ultrasound beacon and the user doesn’t even find out. A year and a half ago this figure was only 39. Even among the 35 physical stores in two European cities, four stores have detected signals that are used to track user locations.
Also Read: Android VS iOS: The better Mobile OS
Judy Malware Is Hard To Detect
The malicious code lied low for a long time before the Play Store detected it. Since it is not clear when the code was introduced, it is difficult to say exactly how many devices were affected. The applications evaded the Play Store’s protection system, Google Bouncer, as they did not have the malicious part of the Judy code. When you download the app, the application registers your phone silently to a remote server. The server responds by replying with ad-click software that opens a hidden site and creates income for it by clicking on ads. A lot of tools are available so malware creators and distributors can alter them remotely which makes it easier for them to evade anti-malware software. The applications also show many ads which won’t shut down until you click on them.
Also Read: Android Trojan called android.slicer – Can buy and install apps without user’s permission
In this era of technology, privacy seems like a dream. We traded our privacy for smartphones, tablets, and smart TVs.
Also Read: Pakistani Hacker rewarded $5000 for finding bug in browsers.