Should Google Be Doing More To Check Apps Amid WannaCry

Share

Up to 36.5 million Android devices may have been infected with a newly discovered piece of malware that generated fraudulent ad revenue for its creators. Because of the huge reach of the infected apps, these fraudulent clicks have generated large amount of revenues for the publishers. However, it wasn't clear which countries have been impacted by the Judy malware.

Security firm Check Point has uncovered a massive malware campaign that stretches back several years, hiding in plain sight within the Google Play Store.

A new malware named "Judy" has found in over 41 apps on the Google Play Store, infecting over 36.5 million users. It's surprising that most of these infected apps have large number of positive ratings in the store.

Latest research by Checkpoint security has uncovered a malware called "Judy".

According to Check Point, nobody noticed the malicious nature of the apps because those malicious effects were taken from a non-Google server after the user installed them. Yet, the Judy malware has managed to get 4.5 million to 18.5 million downloads on the Google Play Store.

The name of the company that's suspected to be involved is Kiniwini and their name in the Play Store is ENISTUDIO corp.

After this, Judy opened the malicious URL that imitated a PC browser in a hidden web page. As per a blog post with Check Point, Judy Malware is "auto-clicking adware", and the firm spotted tapps created by an organization situated in South Korea. "Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure", Check Point explains.

The Judy Malware fiasco shows that even Google Play Store tends to pass up a major opportunity for malware on occasion, as it obviously did for this situation.

This malware seems to be unsafe for all the android users as this malware has spread in huge proportion and if left untreated then it can infect more android devices.

Since when it is present on the Google Play Store?

They said this means the "malicious code hid for a long time on the Play store undetected". As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are easier to infiltrate than iOS-based devices.

Once the malicious code is installed on the user's device, the JS code finds out the advertisements on the app and clicks on them.

Share