Judy Malware Attacks 36.5 Million Phones — One Of The Largest Malware Campaigns on Google Play

A notorious adware named Judy had managed to break Google Play Store’s security mechanism, affecting about 36.5 million users. Judy malware was spread via 41 popular apps created by a Korean company and tricked users into clicking banner ads to generate illegal revenue. After Check Point reached out to Google, the company removed the apps

from Play Store.
Last week, the Check Point researchers uncovered a widespread malware campaign on Google’s official app store. The notorious malware, called Judy, was found on 41 popular apps developed by a fishy Korean company.

The malware is basically an adware that uses tons of fake clicks on the advertisements for generating revenue. As the agent apps became massively popular, the number of affected users might had reached as much as 36.5 million customers.

Some affected apps had existed on Play Store for several years but they were recently updated. The oldest app of the second campaign was updated in April 2016. As per Check Point’s report, it’s unclear how long the rogue code existed in the app.

The security researchers also found many other apps that contained Judy malware. The connection between the two campaigns is unclear. It’s possible that one campaign got the code from other.

How does Judy Malware operate?

judy malware android — Image: Check Point

For bypassing Google Play’s protection, Bouncer, the coders of Judy malware created an app that looked innocent. After arriving on a user’s smartphones, the malware established a connection with the C&C server and downloaded the malicious payload, which included JS code, user-agent string, and URLs controlled by malware author.

After this, Judy opened the malicious URL that imitated a PC browser in a hidden web page. It was followed by another redirection that loaded Google Ads and generated illegitimate clicks.

You can find the complete list of Judy malware apps on Check Point blog. If you’re having any of these apps installed on your Android phone, uninstall it and use some security solution to clean your phone.

Did you find this story on Judy malware interesting? Don’t forget to share your feedback with us.

Virtual and Augmented Reality: Transforming The Way We Look At The Internet and Data Security

Virtual and Augmented Reality have redefined every aspect of our modern world ranging from gaming, music, and pop culture, to business, human interaction, and development. However, ‘with great power comes great responsibility’. When it comes to a technology slowly becoming a part of some of our most sensitive aspects in our lives (finances, identity, and health), ensuring its safety is highly important. Despite this, many companies have certainly not done their part to ensure the better virtual reality security and, in turn,

Twin sisters CONJOINED at abdomen, liver and umbilical cord die soon after birth (photo)

> The Siamese twins who were born in Zambia a few days ago passed away > They were joined at the chest > The babies shared one abdomen, liver and umbilical cord The conjoined twins who had been born at KITWE Central Hospital in Zambia a few days ago, have passed away. The Siamese girls were delivered by a 19-year-old woman. They were joined by the chest, sharing one abdomen, liver and umbilical cord.

Which Is The Best Linux Distro For Beginners? — 2017 Edition

Are you looking for a Linux distro that’s suitable for new users who are willing to start an exciting Linux journey? Well, you’re at the right place. These days, Linux Mint is giving a tough competition to Ubuntu as it’s very beginner-friendly. Our other top recommendations are Zorin OS (which looks a lot like Windows operating system) and lightweight Linux Lite.

Google’s Open Source DIY Kit Turns Your Raspberry Pi Into An AI Assistant

The latest edition of the MagPi magazine includes a DIY kit created by Google that can be used to create a custom Google Home device powered by Raspberry Pi. A user can take advantage of the Google Assistant SDK and Google Cloud Speech API to enable voice control in their projects.

9JABREEZELAND

Search This Blog