Two weeks ago Check Point specialists warned about the malware that could exploit a vulnerability in the “Allow other apps” Android functionality. This time the same company found in the Google Play store malware named Judy, which could infect as many as 36.5 million Android users.

Once, to be safe, it was enough to install on our smartphones applications from the official source. Unfortunately for a long time this is not a sufficient strategy. Criminals have learned to smuggle malicious code that is not detected by Google scanners. It encrypts and attaches them to useful applications (such as games), which are downloaded by millions of users later. This was, for example, FalseGuide (the virus was in games imitating game guides), Skinner, or the already familiar Viking Horde.

Judy malware makes that our smartphone generate huge amount of advertising views.

Contrary to appearances it is not funny. The code identified by Check Point is used to generate an unimaginable number of ad impressions, for which criminals later receive money. Judy does not steal your data, but uses your internet package. In addition, it slows down the operation of the smartphone and shortens the battery life. The worm has been found in over 50 applications, most of them have been recently updated. It is not known whether criminals have implemented malware immediately or whether they initially wanted to gain user trust. According to statistics available in the Google Play store, Judy malware could hit at least 8.5 million smartphones, with an upper estimate of 36.5 million.

Judy Malware Android
One of the infected applications.

Malware is in applications mainly coming from one studio.

The virus signature was found mostly in applications written by Kiniwini. Interestingly all of them have been updated in late March or April. Perhaps it was then that malicious code was added. Interestingly, Check Point specialists have also found the same signature in individual applications from other developers. However, it is not known if Judy was placed there by accident (e.g. by copying the code) or whether criminals began selling the worm.

Studio Kiniwini (43 applications):

  • Fashion Judy: Snow Queen style
  • Animal Judy: Persian cat care
  • Fashion Judy: Pretty rapper
  • Fashion Judy: Teacher style
  • Animal Judy: Dragon care
  • Chef Judy: Halloween Cookies
  • Fashion Judy: Wedding Party
  • Animal Judy: Teddy Bear care
  • Fashion Judy: Bunny Girl Style
  • Fashion Judy: Frozen Princess
  • Chef Judy: Triangular Kimbap
  • Chef Judy: Udong Maker – Cook
  • Fashion Judy: Uniform style
  • Animal Judy: Rabbit care
  • Fashion Judy: Vampire style
  • Animal Judy: Nine-Tailed Fox
  • Chef Judy: Jelly Maker – Cook
  • Chef Judy: Chicken Maker
  • Animal Judy: Sea otter care
  • Animal Judy: Elephant care
  • Judy’s Happy House
  • Chef Judy: Hotdog Maker – Cook
  • Chef Judy: Birthday Food Maker
  • Fashion Judy: Wedding day
  • Fashion Judy: Waitress style
  • Chef Judy: Character Lunch
  • Chef Judy: Picnic Lunch Maker
  • Animal Judy: Rudolph care
  • Judy’s Hospital: pediatrics
  • Fashion Judy: Country style
  • Animal Judy: Feral Cat care
  • Fashion Judy: Twice Style
  • Fashion Judy: Myth Style
  • Animal Judy: Fennec Fox care
  • Animal Judy: Dog care
  • Fashion Judy: Couple Style
  • Animal Judy: Cat care
  • Fashion Judy: Halloween style
  • Fashion Judy: EXO Style
  • Chef Judy: Dalgona Maker
  • Chef Judy: ServiceStation Food
  • Judy’s Spa Salon

Other developers (9 apps in total):

  • 커플디데이 (커플기념일, 위젯)
  • Dog Music (Relax)
  • 카카오톡 대화분석기
  • 황금기 알리미 (여성달력)
  • 100억 가계부
  • KatocPic(카톡픽) – 카톡프로필
  • 필수추천 무료어플 77
  • Spring-It’s stylish, it’s sexy
  • Crafting Guide for Minecraft

Source: Check Point

Share This: