Judy Malware infects 36.5 million Android users, Google removes infected apps

May 29, 2017

May 29: A new malware named "Judy" has been found in over 41 apps on the Google Play Store, and it has infected between 8.5 million and 36.5 million users. This is according to a report from security research firm Check Point, which discovered the malware and alerted Google. The search giant has started removing these infected apps from the Play Store.

However, "Judy Malware"-infected apps have managed to reach between 4.5 million and 18.5 million downloads on the Google Play Store. According to a blog post by Check Point, Judy Malware is “auto-clicking adware,” and the firm spotted apps developed by a company based in South Korea.

The company's name is Kiniwini, which is listed on the Google Play Store as ENISTUDIO corp, say the researchers. This firm develops apps for Android and iOS. The auto-clicking adware uses the infected devices to create false clicks on ads, and thus generates revenue for the people behind it.

Check Point notes in the blog post, “The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated.”

The researchers have also found other apps on the Google Play Store that contain the malware, and these were developed by other companies. The research firm notes that the code was present in an app since April 2016, so it managed to escape Google's scrutiny for nearly a year.

So what exactly is "Judy" malware, and how does it work?

The idea with Judy malware is to create false clicks on ads, and thus boost the revenue of these companies. Essentially, the Judy malware bypassed the Google Play Store's protection, and the hackers created a “seemingly benign bridgehead app, meant to establish connection to the victim's device, and insert it into the app store.”

After the app is downloaded, it sets up a connection with the command and control server, which delivers the actual malicious payload. This includes the “JavaScript code, a user-agent string and URLs controlled by the malware author,” explains the firm.

These URLs open a targeted website, and the code is used to click on banners from the Google ad tech. Each click means payment for the creator of the malware from the website developer. The code finds ads by looking for iframes that contain ads from Google's ads infrastructure.
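From the defender's side, the behaviour described above can be looked for in a device's proxy log: an app whose ad traffic carries a user-agent other than the device's own WebView string, and whose ad clicks are far too frequent relative to ad impressions. This is an added example, not code from Check Point or the original article; the log layout, hostnames, package names, user-agent strings and the 5% click-through threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# All values below are constructed for this example.
DEVICE_UA = "Mozilla/5.0 (Linux; Android 7.0; wv) Chrome/58.0 Mobile"
DESKTOP_UA = "Mozilla/5.0 (Windows NT 10.0) Chrome/58.0"  # stand-in for a server-supplied UA
AD_HOST = "adserver.example"   # placeholder for the ad network's host
MAX_HUMAN_CTR = 0.05           # assumed ceiling for a plausible click-through rate

# Constructed proxy records: (app package, host, path, user-agent)
LOG = (
    [("com.example.cooking", "cfg.example", "/payload", DEVICE_UA)]
    + [("com.example.cooking", AD_HOST, "/ad?slot=1", DESKTOP_UA)] * 4
    + [("com.example.cooking", AD_HOST, "/click?slot=1", DESKTOP_UA)] * 4
    + [("com.example.news", AD_HOST, "/ad?slot=7", DEVICE_UA)] * 40
    + [("com.example.news", AD_HOST, "/click?slot=7", DEVICE_UA)]
)


def flag_apps(log, device_ua=DEVICE_UA, max_ctr=MAX_HUMAN_CTR):
    """Return {app: [reasons]} for apps whose ad traffic looks automated."""
    stats = defaultdict(lambda: {"imps": 0, "clicks": 0, "foreign_ua": 0})
    for app, host, path, ua in log:
        if host != AD_HOST:
            continue  # only ad-network traffic is scored
        s = stats[app]
        if ua != device_ua:
            s["foreign_ua"] += 1
        if path.startswith("/click"):
            s["clicks"] += 1
        elif path.startswith("/ad"):
            s["imps"] += 1

    findings = {}
    for app, s in stats.items():
        reasons = []
        if s["foreign_ua"]:
            reasons.append("ad requests sent with a user-agent that is not the device's")
        # Clicks with no recorded impression count as an unbounded rate.
        if s["imps"]:
            ctr = s["clicks"] / s["imps"]
        else:
            ctr = float("inf") if s["clicks"] else 0.0
        if ctr > max_ctr:
            reasons.append(f"click-through rate {ctr:.2f} exceeds {max_ctr:.2f}")
        if reasons:
            findings[app] = reasons
    return findings


if __name__ == "__main__":
    for app, reasons in flag_apps(LOG).items():
        print(app, "->", "; ".join(reasons))
```
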

The Judy Malware fiasco shows that even the Google Play Store tends to miss malware at times, as it clearly did in this case. Google says that its Play Store works around the clock to automatically identify malware and apps that can pose a risk to the user. But in the case of Judy malware, this is a big miss.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigest.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 29,2020

New Delhi, Jun 29: Witnessing azure skies and breathable air for the last three months, Delhi on Monday recorded deterioration in its air quality, with particulate matter with diameter of 2.5 and 10 microns -- too small to be filtered out of the human body -- standing at 52 and 297 micrograms per cubic respectively.

Gufran Beig, Project Director of System of Air Quality Weather Forecasting and Research (SAFAR), said that the sudden spike in air pollution is due to a mild dust storm blowing from Rajasthan.

"Since the wind direction is changing and moist air is coming in, the air quality in Delhi will become better by tomorrow," Beig told IANS.

Central Pollution Control Board (CPCB) data showed that the overall air quality near Delhi Technical University (DTU) area stood at 326 micrograms per cubic, followed by 308 at Narela and 307 at Mundka.

Out of 36 stations, the AQI in as many as 30 stations was above 200 micrograms per cubic till 1 pm on Monday.

The System of Air Quality Weather Forecasting and Research categorises air quality in the 0-50 range as good, 51-100 as satisfactory, 101-200 as moderate, 201-300 as poor, 301-400 as very poor, and above 400 as severe.

According to SAFAR's website, "PM 10 (coarser dust particle) is the lead pollutant. AQI is likely to improve to moderate category by tomorrow, and further improvement is expected by July 1."

Researchers indicated that PM 10 and PM 2.5 will be 170 and 47 micrograms per cubic on Tuesday.

With no vehicles plying on the roads and industries shut due to the lockdown since March 25, Delhi's air quality had improved drastically.

According to a study conducted by the Indian Institute of Technology (IIT), Delhi, if the low levels of air pollution reached during the lockdown period are maintained, India's annual death toll could reduce by 6.5 lakh.

Agencies
July 11,2020

Citing the current dismal aviation scenario, Air India is terminating the services of trainee cabin crew and cabin crew by withdrawing the offer of employment of those who were under training.

As per sources, contracts for the new crew and trainee pilots might be reduced from five years to one year. Sources said Air India is terminating 1,200 crew and employees who are more than 55 years old, including 190 trainee pilots.

In a letter reviewed by IANS, Air India has informed an applicant who had been selected as cabin crew in August 2019 subject to successful completion of training.

"On behalf of Air India we would like to thank you for the interest shown by you in joining our organization. However, in view of the current aviation scenario, it would not be possible for Air India to impart any further training to you for engaging your services," the company said.

"In view of the above reasons, which are beyond the control of the company, it has been decided to discontinue your training arrangements and dispense with the offer of engagement with immediate effect. The bank guarantee furnished by you at the time of joining is returned herewith," Air India told the cabin crew.

"Once again on behalf of Air India we thank you for your cooperation and trust that you will appreciate the circumstances under which we are constrained to discontinue the training arrangements," the carrier said.

News Network
March 18,2020

San Francisco, Mar 18: Facebook said a bug in its anti-spam system temporarily blocked the publication of links to news stories about the coronavirus. Guy Rosen, Facebook's vice president of integrity, said on Twitter Tuesday that the company was working on a fix for the problem.

Users complained that links to news stories about school closings and other information related to the virus outbreak were blocked by the company's automated system.

Later on Tuesday, Rosen tweeted that Facebook had restored all the incorrectly deleted posts, which also covered topics beyond the coronavirus.

Rosen said the problems were unrelated to any changes in Facebook's content-moderator workforce. The company reportedly sent its human moderators home this week because of the coronavirus outbreak.

A representative for Facebook did not immediately respond to questions on the status of Facebook's content moderators, many of whom do not work directly for the company and are not always able to work from home.
