Posted on May 29, 2017 at 9:33 AM
Dozens of apps for Android smartphones were discovered to have a malicious software that infects users’ devices via ads. The discovery was made on Thursday, by an online security company called Checkpoint. They say that the infected apps were available through Google Play Store in at least one case and that it seems that the apps spent an entire year undiscovered.
So far, it’s unknown how much the infection has spread, but the security company that had discovered it claims the possibility of over 36.5 million infected users. If their expectations are true, that would make this one of the most widely-spread infections ever found on Google Play Store. Immediately after the malicious apps were discovered, Google was notified of the situation, and the apps were, of course, removed.
The apps that were infected were mostly related to things like casual cooking, and also the series of the ‘Judy’ fashion games, after which the malware was named as well. After the malicious programs were downloaded and installed, they proceeded to download payloads from non-Google servers, which is most likely the reason why they remained undetected in the Play Store for so long. The code that’s, at this point, located in the infected device would then click by itself on the Google ads, which generated fraudulent revenue for the hacker that posted the apps.
And when it comes to the Checkpoint’s predictions concerning the infection, there’s even a possibility of them being wrong. This means that the infection might be even more widely spread than they guessed. This is because of the fact that not all of the ‘Judy’ apps were considered when the number of downloads was calculated. Still, all of the apps in the series were pulled from the Store automatically,
It’s believed that these ‘Judy’ apps were uploaded and published by a Korean source that’s only known as ENISTUDIO. However, this isn’t the only source of the malicious apps, and the infection was found on the applications from some of the other sources as well. There’s an entire handful of publishers that are currently known for having their apps infected, and researchers still aren’t sure how that works.
When it comes to malware infections, this isn’t the first big one that came from Google Play Store. This isn’t even the most damaging one at that since there was no proof that any of the data from the infected phones were compromised by ‘Judy’. The fact that this malware was able to survive unnoticed on the Google Play Store for so long is proof enough that the Android system is less secure than Apple’s iOS, despite the fact that it’s more open.