Judy is a new malware that has affected between 8.5 million to 36.5 million users, according to Check Point Research Team. The malware campaign was discovered by Check Point’s researchers on Google Play Store. This means, Android users are vulnerable to the malware.
So what does Judy malware do for Android phones, and should you be worried?
Judy malware takes generates auto-click on fake links, which in turn creates revenues for the developers behind these apps. Unlike other malware it is not stealing your data, but it is controlling the device to carry out fraudulent activities. Judy gets control of infected devices and relies on the communication with its Command and Control server (C&C) for its operation.
How long as the Judy Malware been on the Google Play Store?
Judy malware has been on the Play Store for a long time, a year to be precise. Check Point found the adware on at least 41 apps, which have been developed by a Korean company Kiniwini. It is mentioned on the Google Play Store as ENISTUDIO corp.
“The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads,” reads Check Point’s blog post.
What is Google doing about Judy Malware? What can you do to protect your Android device and data?
Check Point Research has a list of 41 apps which have the malware. If you have any of these apps, then you to remove these from your immediately. Though Google is removing infected apps from the Play Store, it is important you take other measures to protect your smartphone:
• Use an anti-virus. Though Google Play Store has a mechanism in place to check for malicious apps, even the search giant misses out on scanning malware sometimes (as in this case). So, it is imperative you invest in a good anti-virus.
• Keep your device updated. Check if your device is up-to-date with the latest software version as well as security patches.
• Always browse an unsecured network via VPN.
• Before downloading an app, check for permissions it is asking for. Remember, your privacy is at risk, each time you download a new app. If you are not comfortable with granting permissions to certain things like contacts or camera or mic, or think the app doesn’t need access to these, simply don’t download the app. Read carefully to check for hidden permissions.