‘Judy’ malware found on Google Play Store puts 36.5m users at risk

judy malware android google play store

Just when you thought that WannaCry would be the last of the big malware attacks to plague 2017, a new breed of nasty has appeared on the Google Play Store. And its name is Judy.

According to a report published by security company CheckPoint, Judy “is an auto-clicking adware which was found on 41 apps developed by a Korean company”.

No ad to show here.

The malware gets its name from the usual (and rather adorable) protagonist of the games fronting the malware. In one particular case, users can “create delicious food with Judy”.

Sounds yum.

Cleverly bypassing Google Play’s security measures by masquerading behind a legitimate app, Judy then phones home to its control server, downloads “JavaScript code, a user-agent string and URLs controlled by the malware author” and proceeds to opens a slew of ads on the users’ device.

When users click on these ads, the attackers rack up the Google advertising revenue.

Judy lurks within seemingly innocuous games and apps on infected Android devices

While that doesn’t sound too bad (after all, WannaCry locked users out of their devices altogether), it gets worse: due to the malware’s perceived age on the Play Store, around 36.5-million users who downloaded these apps could be at risk.

The security company is calling this one of the largest malware campaigns found on Google Play Store.

“It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown,” CheckPoint reveals.

Although the offending wares have since been removed from the Play Store itself, the malware is still out in the wild.

What makes this malware distressing for users is that Google itself couldn’t protect its users.

“Users cannot rely on the official app stores for their safety, and should implement advanced security protections capable of detecting and blocking zero-day mobile malware,” CheckPoint adds.

This isn’t the first time that Google’s security measures have failed its users though, with the likes of CallJam, DressCode and Skinner all lurking on the app platform within in the past year.

No ad to show here.

More

News

Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.

Exit mobile version