Home GoAndroid Judy Malware Found on Google Play Store

Judy Malware Found on Google Play Store

May 28, 2017

There is a new piece of malware that has been found to be hidden on Google Play Store. The new malware, called Judy malware, has been inside of various apps on Google Play Store since about April 2016. The Judy malware was discovered by Check Point, which is a security firm. We have all of the latest information about Judy malware, so read on to learn more about this malware if you have an Android device.

Judy Malware Infected 41 Apps on Google Play Store

Check Point searched and found that Judy malware has infected about 41 apps that were found on Google Play Store. The infected apps have been on Google Play Store since April 2016, which means over 30 million devices could have been infected. The apps were found to be from a Korean company, although a couple unrelated apps also had Judy malware installed in them. Check Point has contacted Google and those 41 apps have been removed from Google Play Store. For people that have downloaded the apps in question, that might be too little too late since these apps were available for over a year.

If you are wondering why the malware is being called Judy malware, it is because Judy is the name of the games that the malware has been hidden inside of. The malware is hidden inside of the app, so once the person downloads the app, the malware can begin to contact the control server. The interesting thing is that the Judy malware has been able to bypass Google Play Store security because the control server contact is not happening inside of the app code.

This is allowing it to get past the various protections in place on Google Play Store. The app will phone home essentially, and once that happens, the control server will then send out the malicious coding through JavaScript. The malicious part is in the Android phone and then it will begin directing everything to the URLs from within the control server. Essentially, the person behind this will get advertisement revenue from fake clicks.

More About Judy Malware & The Company

The company that is behind the various Judy games that are on Google Play Store is called Kiniwini. When you look at the developer listing by Google, the name is ENISTUDIO corporation, and the website of the company seems to be like any other freemium Android game developer. The developer has games for both iOS and Android, and it seems Judy is basically another free game that allows you to make in-app purchases. The issue though is that there is malware in Judy, which is helping generate the fake revenue. The Android devices are being used without the person knowing about it.

There are a few other apps that have Judy malware on them that are not associated with this developer. A majority of these apps and developers are not English names, which means that it does not make sense that they are all showing up in Google Play Store. There are a couple apps with English names that are infected with Judy malware. Those apps include Crafting Guide for Minecraft, Dog Music (Relax) and Spring It’s Stylish. There arelikely millions of people out there who have downloaded these apps, which means millions of Android devices could be infected with Judy malware.

How to Protect Yourself From Judy Malware

The biggest way to protect yourself from Judy malware is to uninstall any apps that you might have downloaded onto your Android device from the specific Korean company. If you have any Judy games installed, you should immediately uninstall them. You also should try to get malware protection on your Android device. You should never download apps from third-party app stores either.

When it comes to Google Play Store and the Judy malware being able to go undetected for so long, you also should be checking out developers and games before downloading them. You should type in the name of the game to see if a company like Check Point has found them to be malicious. You also should not just rely on the reviews on Google Play Store, because these could be genuine reviews from people who do not know the app is infected.