Prajwal Desai

SCCM | ConfigMgr | Intune | Windows 11 | Azure


Millions of Android devices infected with Judy Malware

By Prajwal Desai | November 2, 2021

I am sure many of you remember the malicious WannaCry ransomware attack, which was observed around the globe and hit government departments, universities and companies in many countries. Here is another malware campaign, discovered by Check Point, called ‘The Judy Malware’. As per a report from Check Point, this malware is now infecting Android smartphones around the globe, and the count of infected devices is around 36.5 million. Check Point says this is the largest malware campaign found on the Google Play store.

Google has already removed the malicious Judy apps from its store. The malware was found in a total of 41 apps in the store. This is a big count, and I believe it has alerted Google to carry out further research on such malware. All the apps were published by a Korean publisher named ENISTUDIO Corp., which develops applications for both Android and iOS platforms. Surprisingly, these apps had been present in the Google store for a long time. Nobody knows when, or with which update, the malware was added to these apps. The screenshot below is an example of an app that contained the malware.

[Screenshot: example of an app that contained the Judy malware]

How does Judy Malware infect Android phones?

When a user installs one of these apps, it quietly registers receivers, which establish a connection with the C&C server. Once the connection is established, the server starts sending the malicious payload. This payload contains JavaScript code, a user-agent string and URLs specified by the malware author. When the user opens the app, the malware opens the malicious URLs specified in the payload. In the next step, the user-agent string is used to bring up a browser in a hidden webpage, which is then redirected to another website. The user doesn’t know what is actually happening in the background. Within the next few seconds, advertisements pop up, and clicks on those ads generate revenue for the malware author. In conclusion, I want to provide some tips to avoid malware that infects your phone.

How to avoid Malware on Android Phones

  • Do not install suspicious Android apps that contain ads.
  • Install a mobile AV and security app that protects against internet threats and data snoopers.
  • Uncheck "Install from unknown sources" in settings.
  • Where possible, buy the paid version of an app from a trusted publisher, as it contains no ads.
  • Read the permissions that an app requests during installation and on first run. Revoke the permissions if you think they are suspicious.
  • Read the app reviews in the Google store. If the reviews and ratings are bad, go for an alternative app.
  • If you click an ad by mistake, do not provide any information such as your name, phone number or credit card details.
  • Install apps only from the Google store and other reputable stores. Do not download and install APKs from any other free websites.
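
The receiver registration described in the infection section and the permission review recommended in the tips can both be checked from an app's decoded AndroidManifest.xml. The following is an added example, not code from Check Point or from the original article: the manifest is a constructed sample, and the list of background-trigger broadcasts is an assumption chosen for illustration, since the article does not say which broadcasts the Judy apps listened for.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Assumption: system broadcasts that wake a receiver without the app being opened.
BACKGROUND_TRIGGERS = {
    "android.intent.action.BOOT_COMPLETED",
    "android.intent.action.USER_PRESENT",
    "android.net.conn.CONNECTIVITY_CHANGE",
}

# Constructed sample manifest (already decoded to text XML); not from a real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.cookinggame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <receiver android:name=".UpdateReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
        <action android:name="android.intent.action.USER_PRESENT"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".LocaleReceiver">
      <intent-filter>
        <action android:name="android.intent.action.LOCALE_CHANGED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def triage_manifest(xml_text):
    """List requested permissions and receivers that wake on background triggers."""
    root = ET.fromstring(xml_text)
    perms = sorted(p.get(ANDROID + "name", "") for p in root.iter("uses-permission"))
    has_net = "android.permission.INTERNET" in perms
    findings = []
    for rcv in root.iter("receiver"):
        actions = {a.get(ANDROID + "name") for a in rcv.iter("action")}
        hits = sorted(actions & BACKGROUND_TRIGGERS)
        if hits and has_net:  # background wake-up plus network access: worth a look
            findings.append({"receiver": rcv.get(ANDROID + "name"), "triggers": hits})
    return {"package": root.get("package"), "permissions": perms, "findings": findings}


if __name__ == "__main__":
    report = triage_manifest(SAMPLE_MANIFEST)
    print(report["package"], report["permissions"])
    for f in report["findings"]:
        print("review:", f["receiver"], "wakes on", ", ".join(f["triggers"]))
```

Receivers that an app registers at runtime in code do not appear in the manifest, so an empty findings list only means nothing was declared statically.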

Prajwal Desai is a Microsoft MVP in Enterprise Mobility. He writes articles on SCCM, Intune, Configuration Manager, Microsoft Intune, Azure, Windows Server, Windows 11, WordPress and other topics, with the goal of providing people with useful information.