Up to 36.5M Android Users Victims of Malware Scam

As many as 36.5 million Android users have been infected by Judy, the latest malware scam in circulation on Google Play, Google’s popular app store.

The malware, which produced fake ad clicks, was found on 41 apps developed by Korean company Kiniwini, according to security firm Check Point. ‘Judy’ uses infected devices to garner the fraudulent clicks which, in turn, generates revenue for the perpetrators.

Google Play“It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown,” the company wrote in a blog post, adding that some of the apps “resided on Google Play for several years” and “all were recently updated.”

“These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users,” Check Point said.

Google “swiftly removed” the offending apps from its store after Check Point contacted the company about the problem.

The malware was named as Judy after the title character in Kiniwini’s apps which include games like Chef Judy: Picnic Lunch Maker. The Judy malware relies on the communication with Google Play’s Command and Control (C&C) server for its operation.

“Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server,” Check Point explained. “The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure.”

Check Point said app users should not rely solely on app stores’ security to keep their devices safe. Instead, the security firm suggested users download “advanced security protections capable of detecting and blocking zero-day mobile malware.”

About the author


Jennifer Cowan

Jennifer Cowan is the Managing Editor for SiteProNews.

1 Comment

Click here to post a comment
  • It’s for reasons like this that I tell all my family members to always be careful when downloading apps. No matter if it’s a cute little game or a “cool” app, you really never know what security issues can be exposed. Hopefully The Google PlayStore Team will find more ways to help prevent something like this from happening again. The fact that the malware may have reached between 8.5 and 36.5 million is nothing to sneeze at.