As many as 36.5 million Android users have been infected by Judy, the latest malware scam in circulation on Google Play, Google’s popular app store.
The malware, which produced fake ad clicks, was found on 41 apps developed by Korean company Kiniwini, according to security firm Check Point. ‘Judy’ uses infected devices to garner the fraudulent clicks which, in turn, generates revenue for the perpetrators.
“It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown,” the company wrote in a blog post, adding that some of the apps “resided on Google Play for several years” and “all were recently updated.”
“These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users,” Check Point said.
Google “swiftly removed” the offending apps from its store after Check Point contacted the company about the problem.
The malware was named as Judy after the title character in Kiniwini’s apps which include games like Chef Judy: Picnic Lunch Maker. The Judy malware relies on the communication with Google Play’s Command and Control (C&C) server for its operation.
Check Point said app users should not rely solely on app stores’ security to keep their devices safe. Instead, the security firm suggested users download “advanced security protections capable of detecting and blocking zero-day mobile malware.”