Quite recently, more than 41 applications in the Google Play Store were discovered infected with a new malware called Judy. Even before the discovery of the malware, 8.5 million users were already infected with it and it is feared that the number might go as high as 36.5 million. A company called Checkpoint has released the reports and it is the same company which has discovered the malware.
The firm informed Google soon after the discovery was made with all the infected apps being removed from the Play Store immediately.
According to a blog post by Checkpoint, the virus is from a so-called ‘auto-clicking adware’ and the suspicions are that the developers are from South Korea. The name of the company which is said to be involved is “Kiniwini” and they are in the Play Store with the name ENISTUDIO corp.
The company creates applications for both Android and iOS. The researchers have said that the auto-clocking adware uses the phones to create fake clicks on online ads in order to benefit the people who have created the ads. It seems that the apps have been living on the Google Play Store for quite some time without being detected themselves.
The same sort of malware has also been found on other apps created by different companies. It should also be noted here that Checkpoint claims that this adware is surviving in the Google Play Store since April 2016. This implies that Google has overlooked a major malware in their store which is a huge drawback for the company itself and its Play Store too.
Talking about this malware, the general idea is that it will automatically click on ads resulting in an increased revenue for the companies which have posted them. After the person downloads any of the infected apps from the Google Play Store, a connection is set up with the Control and Command server. This is not on Google’s servers and this is the reason that malware has managed to stay undetected for such a long period of time. The malicious payload would be downloaded too along with the app.
This is a huge proof of the lack of security which exists in the Google Play Store so the customers should be extremely cautious before downloading apps.
Google’s team tried their best to find the malware but it managed to sneak through their eyes. They are unable to find all of it and Judy is a proof of their inability to capture the malware.
- malware judy: secnews24