Millions of Android devices infected with Judy Malware
I am sure many of you remember the malicious WannaCry ransomware attack, which was observed around the globe hitting government departments, universities and companies in many countries. Here is another malware campaign, discovered by Check Point, called ‘The Judy Malware’. According to a report from Check Point, this malware is now infecting millions of Android smartphones around the globe; the reported count is around 36.5 million devices. Check Point says this is the largest malware campaign found on the Google Play store.
Google has already removed the malicious Judy apps from its store. The malware was found in a total of 41 apps in the store. This is a big count, and I believe it has alerted Google to carry out further research on such malware. All the apps were published by a Korean publisher named ENISTUDIO Corp. This company develops applications for both the Android and iOS platforms. Surprisingly, these apps had been present in the Google store for a long time. Nobody knows when, or with which update, the malware was added to these apps. The screenshot below is an example of an app that contained the malware.
How does Judy Malware infect Android phones?
When a user installs one of these apps, it quietly registers receivers, which establish a connection with the C&C server. Once the connection is established, the server starts sending the malicious payload. This payload contains JavaScript code, a user-agent string and URLs specified by the malware author. When the user opens the app, the malware opens the malicious URLs specified in the payload. In the next step, the user-agent string is used to bring up a browser in a hidden webpage, which redirects to another website. The user doesn’t know what is actually happening in the background. In the next few seconds, advertisements pop up. Clicks on the ads provide revenue to the malware author. In conclusion, I want to provide some tips to avoid malware of this kind infecting your phone.
How to avoid Malware on Android Phones
- Do not install suspicious Android apps that contain ads.
- Install a mobile AV and security app that protects against internet threats and data snoopers.
- Uncheck "Install from unknown sources" in Settings.
- It is recommended to buy a paid version of an app from a trusted publisher that contains no ads.
- Read the permissions that an app requests during installation and on first run. Revoke the permissions if you think they are suspicious.
- Read the app reviews in the Google Play store. If the reviews and ratings are bad, go for an alternative app.
- If ads are clicked by mistake, do not provide any information such as your name, phone number or credit card details.
- Install apps only from the Google Play store and other reputable stores. Do not download and install APKs from any other free websites.
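
The infection description above mentions receivers that let the app reach its server, and the tips recommend reading an app's permissions. The following added example (not from the original post or from Check Point) shows one way to triage a decoded `AndroidManifest.xml` for that combination. The sample manifest, the package name and the list of broadcast actions are assumptions chosen for illustration; the post does not say which broadcasts Judy used.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: decoded manifest of a hypothetical app (not a real Judy sample).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.sampleapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <activity android:name=".MainActivity"/>
    <receiver android:name=".StartReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
        <action android:name="android.intent.action.USER_PRESENT"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".WidgetProvider">
      <intent-filter>
        <action android:name="android.appwidget.action.APPWIDGET_UPDATE"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

# Assumption: system broadcasts that start app code without the user opening the app.
BACKGROUND_TRIGGERS = {
    "android.intent.action.BOOT_COMPLETED",
    "android.intent.action.USER_PRESENT",
    "android.net.conn.CONNECTIVITY_CHANGE",
    "android.intent.action.PACKAGE_ADDED",
}

def triage_manifest(xml_text):
    """List permissions and receivers that wake on system broadcasts.

    Receivers registered at runtime in code do not appear in the manifest,
    so an empty result does not clear an app.
    """
    root = ET.fromstring(xml_text.strip())
    perms = sorted(p.get(ANDROID + "name", "") for p in root.iter("uses-permission"))
    receivers = []
    for rec in root.iter("receiver"):
        actions = {a.get(ANDROID + "name", "") for a in rec.iter("action")}
        hits = sorted(actions & BACKGROUND_TRIGGERS)
        if hits:
            receivers.append((rec.get(ANDROID + "name"), hits))
    # Background start plus network access is common in benign apps too:
    # treat it as a reason to look closer, not as a verdict.
    review = "android.permission.INTERNET" in perms and bool(receivers)
    return {"package": root.get("package"), "permissions": perms,
            "background_receivers": receivers, "review": review}
```

The result is only a prompt for manual review of the flagged receiver classes, since many legitimate apps also combine network access with boot-time receivers.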