Categories: NewsSecurity

Google Removes Play Store Malware Campaign that Infected as Many as 36.5 Million Users

Check Point security researchers recently uncovered a malware campaign on Google’s Play store that had already infected anywhere between 8.5 to 36.5 million users, as the malware was spread by several developers on the app store after a Korean company started using it. As many as 41 apps had the malware in them.

Possibly the biggest malware campaign on Google Play

Check Point researchers discovered the malware, dubbed “Judy”, inside of innocent looking apps, with names along the lines of “Chef Judy”, “Animal Judy”, and “Fashion Judy”. Once installed, the malware generated fraudulent clicks on advertisements, which then got the perpetrators behind it paid.

The apps infected with Judy malware were developed by a Korean company named Kiniwini, and published under “ENISTUDIO Corp” on Google Play. Security researchers found it unusual, as this is an actual company that develops apps for Android and iOS, and managed to get Judy anywhere between 4.5 and 18.5 million downloads.

Several other developers also used the malware in their apps, although it is unclear whether there is a connection between Kiniwini and these developers, or if they just borrowed the malicious code, knowingly or unknowingly. Nevertheless, Judy managed to reach between 8.5 and 36.5 million users. Check Point described it “possibly the biggest malware campaign on Google play.”

All of Kiniwini’s apps were recently updated, so it isn’t possible to tell how long Judy malware has been around the app store. In an app that wasn’t developed by the Korean company however, the last updated dated back to April 2016, meaning the malicious code has been around for at least a year.

Check Point’s blog post reads:

“Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown

Related Post

Google reviews its apps through an automated system named Bouncer, but according to reports the hackers created a seemingly benign application that allowed them to bypass Bouncer. After finding out about the flaw, Check Point researchers quickly contacted Google, and the internet giant swiftly removed all Judy-related apps from the Google Play store.

Wary users

Overall, Kiniwini’s apps had positive ratings on the app store, as most users didn’t realize their phones had been hijacked so fraudulent advertisement clicks could be generated, and merely enjoyed the games they had downloaded.

A few users realized something was odd, as the apps asked for odd permissions, such as access to the user I.D. and call information – information a game shouldn’t require. Other users pointed out that they could barely play the game, as a black box appeared around the screen and ultimately forced them to click on ads.

Security researchers at Check Point pointed out that high reputation doesn’t mean an app is safe, as hackers can manipulate users into leaving positive ratings, while hiding their true intentions.

To stay safe, Check Point recommends users don’t just trust systems official app stores use, as more often than not malware manages to get through. The best way to prevent having your device compromised, is to implement security protections capable of detecting and blocking malware.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Francisco Memoria

Francisco is a cryptocurrency enthusiast who's lucky enough to be able to write about his passion.

Share
Published by
Francisco Memoria

Recent Posts

Best Cryptos to Buy Today: Qubetics Presale Hits $2.7M, MicroStrategy Falls After Bitcoin Price Dips, and Ethereum Heist Involves North Korean Hackers

Best Cryptos to Buy Today: Qubetics Presale Hits $2.7M, Bitcoin Price Dips, and Ethereum Heist…

2 hours ago

WIF Set to Overtake BONK? Lunex Soars with 100x Potential in Altcoin Season

As altcoin season heats up, all eyes are on the rising stars—especially Lunex, which is…

11 hours ago

Binance Coin Price Dips: BNB Holders Rush To Lunex Presale To Hedge Their Long Positions

While the broader market witnessed a notable upward movement, Binance Coin (BNB) experienced a decline…

11 hours ago

Crypto Stalwarts Forecasted 800% Growth in Innovative Projects: VeChain, Rollblock and Polkadot!

This blazing crypto bull run has investors looking for the next top altcoins set to…

11 hours ago

Dogecoin Price Set To Recreate 36,000% Rally From 2021 After Pennant Formation

The Dogecoin price is back in the limelight, captivating the crypto world with its recent…

12 hours ago

Is XRP About to Explode? How Trump’s Victory Is Affecting XRP Price Amidst JetBolt Growth

Ripple’s XRP showed a 68% price increase in the last 7 days following Trump's victory,…

12 hours ago