Beware: New Google Play Store Android Malware called “Judy” Infected Around 8.5 to 36.5 Million Users

A New Android Malware Called “Judy” found in google play store infected 41 Apps which all are created by a Korean company. This “Judy” Malware is an auto-clicking adware which leads to forcing the users to Click the ads.

This Malware performing plenty of fraudulent clicks on advertisements Generated by infected applications for increasing the revenue for Malware Authors.

As per the Estimation is done by Checkpoint, “Judy” Malware Reached Around  8.5 and 36.5 million users around the world.its makes a big issue for users who all are affected by this infection since it has done a huge amount of reach.

This Malware was found on 41 apps developed by a Korean company. Playstore Malware like HummingBad, FalseGude, Dridex is threatening in a similar way of infection and especially Android users.

“Judy” Malware Downloads Estimated between 4.5 million and 18.5 million Android Users and Few apps are surviving in play store in many years.

Judy Malware in Playstore (Source: checkpoint)

How does Judy work?

A bridgehead app use for establishing a connection into victims Device which has been Bypassed the Play store Protection and inserted into app store.

The C&C server connection will Establish once user a user Downloads a Malicious App.

According to Checkpoint ,The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website.

JavaScript code is used to locate and click on banners from the Google ads infrastructure.so once click the ads then malware authors will receive a payment from the Website Developers.

“Judy” Infected Apps and counts

According to Checkpiont Estimated Downloads of Judy Malware,

Package name	App name	Date	Min	Max
air.com.eni.FashionJudy061	Fashion Judy: Snow Queen style	24.3.17	100,000	500,000
air.com.eni.AnimalJudy013	Animal Judy: Persian cat care	14.4.17	100,000	500,000
air.com.eni.FashionJudy056	Fashion Judy: Pretty rapper	24.3.17	50,000	100,000
air.com.eni.FashionJudy057	Fashion Judy: Teacher style	24.3.17	50,000	100,000
air.com.eni.AnimalJudy009	Animal Judy: Dragon care	14.4.17	100,000	500,000
air.com.eni.ChefJudy058	Chef Judy: Halloween Cookies	10.4.17	100,000	500,000
air.com.eni.FashionJudy074	Fashion Judy: Wedding Party	7.4.17	50,000	100,000
air.com.eni.AnimalJudy036	Animal Judy: Teddy Bear care	16.4.17	5,000	10,000
air.com.eni.FashionJudy062	Fashion Judy: Bunny Girl Style	24.3.17	50,000	100,000
air.com.eni.FashionJudy009	Fashion Judy: Frozen Princess	7.4.17	50,000	100,000
air.com.eni.ChefJudy055	Chef Judy: Triangular Kimbap	10.4.17	50,000	100,000
air.com.eni.ChefJudy062	Chef Judy: Udong Maker – Cook	10.4.17	10,000	50,000
air.com.eni.FashionJudy067	Fashion Judy: Uniform style	24.3.17	10,000	50,000
air.com.eni.AnimalJudy006	Animal Judy: Rabbit care	14.4.17	100,000	500,000
air.com.eni.FashionJudy052	Fashion Judy: Vampire style	24.3.17	100,000	500,000
air.com.eni.AnimalJudy033	Animal Judy: Nine-Tailed Fox	18.4.17	100,000	500,000
air.com.eni.ChefJudy059	Chef Judy: Jelly Maker – Cook	10.4.17	50,000	100,000
air.com.eni.ChefJudy056	Chef Judy: Chicken Maker	10.4.17	50,000	100,000
air.com.eni.AnimalJudy018	Animal Judy: Sea otter care	14.4.17	100,000	500,000
air.com.eni.AnimalJudy035	Animal Judy: Elephant care	16.4.17	5,000	10,000
air.com.eni.JudyHappyHouse	Judy’s Happy House	10.4.17	100,000	500,000
air.com.eni.ChefJudy036	Chef Judy: Hotdog Maker – Cook	29.3.17	50,000	100,000
air.com.eni.ChefJudy063	Chef Judy: Birthday Food Maker	10.4.17	50,000	100,000
air.com.eni.FashionJudy051	Fashion Judy: Wedding day	20.4.17	100,000	500,000
air.com.eni.FashionJudy058	Fashion Judy: Waitress style	24.3.17	10,000	50,000
air.com.eni.ChefJudy057	Chef Judy: Character Lunch	10.4.17	100,000	500,000
air.com.eni.ChefJudy030	Chef Judy: Picnic Lunch Maker	10.4.17	500000	1000000
air.com.eni.AnimalJudy005	Animal Judy: Rudolph care	14.4.17	100,000	500,000
air.com.eni.JudyHospitalBaby	Judy’s Hospital:pediatrics	10.4.17	100,000	500,000
air.com.eni.FashionJudy068	Fashion Judy: Country style	24.3.17	10,000	50,000
air.com.eni.AnimalJudy034	Animal Judy: Feral Cat care	16.4.17	10,000	50,000
air.com.eni.FashionJudy076	Fashion Judy: Twice Style	20.4.17	100,000	500,000
air.com.eni.FashionJudy072	Fashion Judy: Myth Style	20.4.17	50,000	100,000
air.com.eni.AnimalJudy022	Animal Judy: Fennec Fox care	14.4.17	100,000	500,000
air.com.eni.AnimalJudy002	Animal Judy: Dog care	14.4.17	100,000	500,000
air.com.eni.FashionJudy049	Fashion Judy: Couple Style	24.3.17	100,000	500,000
air.com.eni.AnimalJudy001	Animal Judy: Cat care	14.4.17	100,000	500,000
air.com.eni.FashionJudy053	Fashion Judy: Halloween style	7.4.17	100,000	500,000
air.com.eni.FashionJudy075	Fashion Judy: EXO Style	7.4.17	50,000	100,000
air.com.eni.ChefJudy038	Chef Judy: Dalgona Maker	28.3.17	100,000	500,000
air.com.eni.ChefJudy064	Chef Judy: ServiceStation Food	10.4.17	10000	50000
air.eni.JudySpaSalon	Judy’s Spa Salon	10.4.17	1,000,000	5,000,000
Total			4,620,000	18,420,000

Also Read:

• Switcher – Android Malware Seize Routers’s DNS Settings
• User Clicks to Download Dangerous Malware By New Android Trojan “Mimics”
• Beware : Super Mario Run Android game is actually Malware. Don’t Download it