Judy malware: 36 million Android smartphones could be infected

Many of the apps were highly rated and available to download for several years

Aatif Sulleyman
Tuesday 30 May 2017 07:23 EDT
Comments
Its spread has been described as as 'possibly the largest malware campaign' found on the Play Store
Its spread has been described as as 'possibly the largest malware campaign' found on the Play Store (Justin Sullivan/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Security researchers have discovered Android malware that may have infected up to 36.5 million users.

Dubbed ‘Judy’, the malware was found on over 40 apps, many of which were available to download from Google Play for “several years”.

CheckPoint, which spotted the malware, has described it as “possibly the largest malware campaign” found on the Play Store.

The researchers say Judy “uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.”

41 of the infected apps are said to have been developed by a Korean company called Kiniwini, and registered on Google Play as ENISTUDIO corp.

These included cooking and fashion games, such as Chef Judy: Picnic Lunch Maker.

Unusually, many of the apps were rated highly by users, but this could be due to manipulation rather than a genuinely positive user experience.

“A high reputation does not necessarily indicate that the app is safe for use,” explains CheckPoint in a blog post.

“Hackers can hide their apps’ real intentions or even manipulate users into leaving positive ratings, in some cases unknowingly.”

The Judy malware was also found on several apps created by other developers.

“The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly,” says CheckPoint.

Google has been notified about the malware, and has removed the infected apps from the Play Store.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in