1. Home
  2. Judy Malware infects 36.5 million Android users, Google removes infected apps

Judy Malware infects 36.5 million Android users, Google removes infected apps

[email protected] (Agencies)
May 29, 2017

May 29: A new malware named "Judy" has found in over 41 apps on the Google Play Store, and it has infected between 8.5 million to 36.5 million users. This is according to a report from security research firm Check Point, which discovered the malware and alerted Google. The search giant has started removing these infected apps from the Play Store.judy

However, "Judy Malware" infected apps have managed to research over 4.5 million to 18.5 million downloads on the Google Play Store. According to a blogpost by Check Point, Judy Malware is “auto-clicking adware,” and the firm spotted tapps developed by a company based in South Korea.

The company"s name is Kiniwini, which is mentioned on the Google Play Store as ENISTUDIO corp, say the researchers. This firm developers apps for Android, iOS. The auto-clicking adware would basically use these infected devices to create false clicks on ads, and thus generate revenue for the people behind this.

Check Point notes in the blog post, “The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated.

The researchers have also found other apps on the Google Play Store, which contain the malware, and these were developed by other companies. The research firm notes that code was present in an app since April 2016, so basically it managed to escape Google"s scrutiny for nearly an year.

So what exactly is "Judy" malware, and how does it work?

The idea with Judy malware is to create false clicks on ads, and thus boost revenue of these companies. Essentially the Judy malware bypassed Google Play Store"s protection, and the hackers created a “seemingly benign bridgehead app, meant to establish connection to the victim"s device, and insert it into the app store.”

After the app is downloaded, it manages to set up a connection with the Control and Command server, which delivers the actual malicious payload. This includes the “JavaScript code, a user-agent string and URLs controlled by the malware author,” explains the firm.

These URLs open a targeted website, and the code is used to click on banners from the Google ad tech. Each click mean payment for the creator of the malware from the website developer. It finds ads by looking for iframes, which have ads from Google ads infrastructure.

The Judy Malware fiasco shows that even Google Play Store tends to miss out on malware at times, as it clearly did in this case. Google says that their Play Store works around the clock to automatically identify malware and apps that can pose can risk to the user. But in the case of Judy malware, this is a big miss.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 19,2020

New Delhi, Jan 19: Messaging service WhatsApp which on Sunday faced issues in transmitting multimedia content including pictures and images, prompting social media users to share hilarious memes and messages, resumed regular services after over two hours.

#WhatsAppDown was the trending hashtag on Twitter for most part of Sunday afternoon in India along with several other countries such as Brazil, Europe and also parts of Middle-East including UAE, reported downdetector.in, a realtime problem and outage monitoring website.

Users of the popular messaging app were unable to send media files, stickers and GIFs.

Most users immediately went to Twitter to find out about the problem and check if others were facing the same issue.

Numerous tweets and memes took over the internet as soon as the news broke about the WhatsApp tech issue. After around two hours of technical glitch, the app resumed full service.

Even after full recovery of media transfer, people globally still continued checking the status of the messaging app.

WhatsApp has been one of the prime messaging apps since May 2009 and has recently collaborated with Facebook.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 22,2020

New Delhi, Jan 22: "Don't get into a trap. Your security is in your hands," the Border Security Force (BSF) has said issuing its social media rules for its officers and men. It has directed them not to use 42 mobile applications and show caution while using Facebook, Twitter and WhatsApp.

"Be cautious while using social media," said the BSF in a circular issued recently.

"Before using WhatsApp, Facebook, Twitter and other social media platforms, one needs to keep in mind that you are border guarding force and Central Civil Services (Conduct) Rules rule duly are applicable," it said.

It further pointed out that by commenting/writing about or forwarding unverified reports and rumours one violates laws of land.

"Several times unverified reports would be presented in way that they are absolutely true and start believing it. Seeing such post always use your commonsense and never get into the trap (sic.)," it state adding that the anti-national elements uses social media to propagate their agenda to cause unrest in India.

A picture clicked by Border Security Force personnel and posted on a social media platform remains there for always. Therefore, one should use officially approved pictures about any incident or untoward incidents related to Border Security Force, stated the circular. It pointed that unauthorised persons should not engage into taking pictures of the incidents.

It also highlighted how through social media, a few BSF personnel have fallen into trap of espionage racket carried out by enemy countries.

"Our security and respect is in our hands. Always think twice whether you are doing correct by accepting friendship requests from unknown persons, especially women and girls," it cautioned the troopers and officers.

It also highlighted that while going on leave and joining back the force, always follow the rules and regulations laid out for safety and security. "This is for your own safety," it stressed in the end.

The BSF has also issued a list of 42 mobile applications that needs to be completely avoided by serving BSF officers and jawans.

They are MI store, Weibo, Wechat, Shareit, Truecaller, UC News, UC Browser, Beautyplus, NewsDog, Viva Video - QU video Inc, Parallel Space, Apus Browser, Perfect Corp, Virus Cleaner - HI Security Lab, CM browser, MI Community, DU recorder, Vault Hide - No mobile Security, Youcam Makeup, Cachecleaner DU Apps Studio, DU battery saver, DU privacy, 360 security, DU Browser,Clean master - Cheeta Mobile, Baidu Translate, Wonder Camera - Bindu Inc, ES Ifle Explorer, Photo Wonder, QQ international , QQ music, QQ Mail, AA player, QQ News Feed, Wesync, QQ security Center, Selfie City, Mail Master, Mi Video Call -Xaomi and QQ launcher.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 26,2020

Unnao, Feb 26: Ever heard of someone wishing a 'bright future' for the dead? In a bizarre incident in Uttar Pradesh's Unnao district, a village head issued a death certificate with the wish for an elderly man who had died last month.

The incident took place in the Sirwariya village in Asoha block where an elderly person Laxmi Shankar died after a prolonged illness on January 22.

His son went to the village head Babulal and requested him to issue a death certificate that he needed for some financial transactions.

Babulal not only issued the death certificate, but also 'wished' 'a bright future for the deceased' on the document.

The village head wrote in the death certificate -- "Main inke ujjwal bhavishya ki kaamna karta hoon (I wish him a bright future)."

The letter went viral on the social media on Monday after which the village head apologised for the error and issued a new death certificate.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.