Saturday, June 15, 2024

Beware: New Google Play Store Android Malware called “Judy” Infected Around 8.5 to 36.5 Million Users

A New Android Malware Called “Judy” found in google play store infected 41 Apps which all are created by a Korean company. This “Judy” Malware is an auto-clicking adware which leads to forcing the users to Click the ads.

This Malware performing plenty of fraudulent clicks on advertisements Generated by infected applications for increasing the revenue for Malware Authors.

As per the Estimation is done by Checkpoint, “Judy” Malware Reached Around  8.5 and 36.5 million users around the world.its makes a big issue for users who all are affected by this infection since it has done a huge amount of reach.

This Malware was found on 41 apps developed by a Korean company. Playstore Malware like HummingBadFalseGude, Dridex is threatening in a similar way of infection and especially Android users.

“Judy” Malware Downloads Estimated between 4.5 million and 18.5 million Android Users and Few apps are surviving in play store in many years.

Judy Malware in Playstore (Source: checkpoint)

How does Judy work?

A bridgehead app use for establishing a connection into victims Device which has been Bypassed the Play store Protection and inserted into app store.

The C&C server connection will Establish once user a user Downloads a Malicious App.

According to Checkpoint ,The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website.

JavaScript code is used to locate and click on banners from the Google ads once click the ads then malware authors will receive a payment from the Website Developers.

“Judy” Infected Apps and counts

According to Checkpiont Estimated Downloads of Judy Malware,

Package nameApp nameDateMinMax Judy: Snow Queen style24.3.17100,000500,000 Judy: Persian cat care14.4.17100,000500,000 Judy: Pretty rapper24.3.1750,000100,000 Judy: Teacher style24.3.1750,000100,000 Judy: Dragon care14.4.17100,000500,000 Judy: Halloween Cookies10.4.17100,000500,000 Judy: Wedding Party7.4.1750,000100,000 Judy: Teddy Bear care16.4.175,00010,000 Judy: Bunny Girl Style24.3.1750,000100,000 Judy: Frozen Princess7.4.1750,000100,000 Judy: Triangular Kimbap10.4.1750,000100,000 Judy: Udong Maker – Cook10.4.1710,00050,000 Judy: Uniform style24.3.1710,00050,000 Judy: Rabbit care14.4.17100,000500,000 Judy: Vampire style24.3.17100,000500,000 Judy: Nine-Tailed Fox18.4.17100,000500,000 Judy: Jelly Maker – Cook10.4.1750,000100,000 Judy: Chicken Maker10.4.1750,000100,000 Judy: Sea otter care14.4.17100,000500,000 Judy: Elephant care16.4.175,00010,000’s Happy House10.4.17100,000500,000 Judy: Hotdog Maker – Cook29.3.1750,000100,000 Judy: Birthday Food Maker10.4.1750,000100,000 Judy: Wedding day20.4.17100,000500,000 Judy: Waitress style24.3.1710,00050,000 Judy: Character Lunch10.4.17100,000500,000 Judy: Picnic Lunch Maker10.4.175000001000000 Judy: Rudolph care14.4.17100,000500,000’s Hospital:pediatrics10.4.17100,000500,000 Judy: Country style24.3.1710,00050,000 Judy: Feral Cat care16.4.1710,00050,000 Judy: Twice Style20.4.17100,000500,000 Judy: Myth Style20.4.1750,000100,000 Judy: Fennec Fox care14.4.17100,000500,000 Judy: Dog care14.4.17100,000500,000 Judy: Couple Style24.3.17100,000500,000 Judy: Cat care14.4.17100,000500,000 Judy: Halloween style7.4.17100,000500,000 Judy: EXO Style7.4.1750,000100,000 Judy: Dalgona Maker28.3.17100,000500,000 Judy: ServiceStation Food10.4.171000050000
air.eni.JudySpaSalonJudy’s Spa Salon10.4.171,000,0005,000,000
Total  4,620,00018,420,000

Also Read:


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles