1. Home
  2. Judy Malware infects 36.5 million Android users, Google removes infected apps

Judy Malware infects 36.5 million Android users, Google removes infected apps

[email protected] (Agencies)
May 29, 2017

May 29: A new malware named "Judy" has found in over 41 apps on the Google Play Store, and it has infected between 8.5 million to 36.5 million users. This is according to a report from security research firm Check Point, which discovered the malware and alerted Google. The search giant has started removing these infected apps from the Play Store.judy

However, "Judy Malware" infected apps have managed to research over 4.5 million to 18.5 million downloads on the Google Play Store. According to a blogpost by Check Point, Judy Malware is “auto-clicking adware,” and the firm spotted tapps developed by a company based in South Korea.

The company"s name is Kiniwini, which is mentioned on the Google Play Store as ENISTUDIO corp, say the researchers. This firm developers apps for Android, iOS. The auto-clicking adware would basically use these infected devices to create false clicks on ads, and thus generate revenue for the people behind this.

Check Point notes in the blog post, “The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated.

The researchers have also found other apps on the Google Play Store, which contain the malware, and these were developed by other companies. The research firm notes that code was present in an app since April 2016, so basically it managed to escape Google"s scrutiny for nearly an year.

So what exactly is "Judy" malware, and how does it work?

The idea with Judy malware is to create false clicks on ads, and thus boost revenue of these companies. Essentially the Judy malware bypassed Google Play Store"s protection, and the hackers created a “seemingly benign bridgehead app, meant to establish connection to the victim"s device, and insert it into the app store.”

After the app is downloaded, it manages to set up a connection with the Control and Command server, which delivers the actual malicious payload. This includes the “JavaScript code, a user-agent string and URLs controlled by the malware author,” explains the firm.

These URLs open a targeted website, and the code is used to click on banners from the Google ad tech. Each click mean payment for the creator of the malware from the website developer. It finds ads by looking for iframes, which have ads from Google ads infrastructure.

The Judy Malware fiasco shows that even Google Play Store tends to miss out on malware at times, as it clearly did in this case. Google says that their Play Store works around the clock to automatically identify malware and apps that can pose can risk to the user. But in the case of Judy malware, this is a big miss.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 4,2020

The Mars Colour Camera (MCC) onboard ISRO's Mars Orbiter Mission has captured the image of Phobos, the closest and biggest moon of Mars.

The image was taken on July 1 when MOM was about 7,200 km from Mars and 4,200 km from Phobos.

"Spatial resolution of the image is 210 m.

This is a composite image generated from 6 MCC frames and has been color corrected," ISRO said in an update along with the image.

Phobos is largely believed to be made up of carbonaceous chondrites.

According to ISRO, "the violent phase that Phobos has encountered is seen in the large section gouged out from a past collision (Stickney crater) and bouncing ejecta."

"Stickney, the largest crater on Phobos along with the other craters (Shklovsky, Roche & Grildrig) are also seen in this image," it said.

The mission also known as Mangalyaan was initially meant to last six months, but subsequently ISRO had said it had enough fuel for it to last "many years."

The country had on September 24, 2014 successfully placed the Mars Orbiter Mission spacecraft in orbit around the red planet, in its very first attempt, thus breaking into an elite club.

ISRO had launched the spacecraft on its nine-month- long odyssey on a homegrown PSLV rocket from Sriharikota in Andhra Pradesh on November 5, 2013.

It had escaped the earth's gravitational field on December 1, 2013.

The Rs 450-crore MOM mission aims at studying the Martian surface and mineral composition as well as scan its atmosphere for methane (an indicator of life on Mars).

The Mars Orbiter has five scientific instruments - Lyman Alpha Photometer (LAP), Methane Sensor for Mars (MSM), Mars Exospheric Neutral Composition Analyser (MENCA), Mars Colour Camera (MCC) and Thermal Infrared Imaging Spectrometer

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 29,2020

Ahmedabad, Feb 29: The presence of two feral pigeons onboard a GoAir flight at the airport in Ahmedabad in Gujarat created a flutter among the amused passengers, even though the avian surprise did not lead to any untoward incident or delay in the flight.

The incident took place on Friday when the passengers were boarding the Ahmedabad-Jaipur flight.

"Two pigeons had found their way inside the flight G8 702 while the passengers were boarding," an airline statement said on Saturday.

"The crew immediately shooed away the birds. The flight took off at its scheduled time at 5 p.m.," it added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 7,2020

New Delhi, Mar 7: The Union government has issued a Global Invite for Expression of Interest for disinvestment in Bharat Petroleum Corporation Limited (BPCL) from prospective bidders with a minimum net worth of $10 billion as of Saturday.

The EoI submissions can be made till May 2, whereas investor queries will be entertained till April 4.

Another condition pertains to a maximum of four members are permitted in a consortium, and the lead member must hold 40 per cent in proportion. Other members of the consortium must have a minimum $1 billion net worth.

The EOI allows changes in the consortium within 45 days, though the lead member cannot be changed.

The GoI proposes to disinvest its entire shareholding in BPCL comprising 1,14,91,83,592 equity shares held through the Ministry of Petroleum and Natural Gas, which constitutes 52.98 per cent of BPCL's equity share capital, along with the transfer of management control to the strategic buyer (except BPCL's equity shareholding of 61.65 per cent in Numaligarh Refinery Limited (NRL) and management control thereon).

The shareholding of BPCL in NRL will be transferred to a Central Public Sector Enterprise operating in the oil and gas sector under the Ministry and accordingly is not a part of the proposed transaction.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.