There is a new form of malware, dubbed “Judy” which already attacked around 36.5 million android devices. Last week, the security firm Checkpoint unearthed a number of android applications from Google’s official app store. The malware has the capacity to reach large number of devices in short period of time.
The report from Checkpoint says, the Judy malware is an auto-clicking adware which was found on 41 apps developed by a Korean company. The main motive of this adware was to generate large sum of income for attackers, this happens when malware uses ruined devices to fraudulent click on advertisements which pops up on apps.
This type of malware comes with the series of fashion and casual cooking apps. The Judy-infected apps were initially found on apps by a Korean publisher known as ENISTUDIO. However, the malware was later also found on some apps from other publishers too. Google immediately removed applications after being notified by Checkpoint.
Let’s know more about Judy:
The Malware applications were all developed by a Korean company named Kiniwini, registered on Google Play as ENISTUDIO corp. This cooperation develops mobile apps for both Android and iOS platforms. It is quite difficult to find which organization is playing behind mobile malware as malicious experts are making these apps with various names.
As per the security firm Check Point:
“Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server. The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure.
Upon clicking the ads, the malware author receives payment from the website developer, which pays for the illegitimate clicks and traffic.”
Steps to protect ourselves from malwares:
- Keep your software up-to-date
- Always download apps from trusted sources
- Keep your device safe with password
- Install OS update as soon as it releases
- Always makes sure to connect with secured public Wi-Fi’s as it’s more vulnerable to attacks
- Install mobile security apps
Nice article. Thanks for this useful piece of information.