*New Android Malware Infects Over 36.5 Million Phones

TechViews News   …..

Security researchers at Check Point Security recently discovered a malware scam in Google’s Play Store. The malware dubbed “Judy” has been hiding behind the scenes on 41 specific apps that have been available in the Play Store for years, so it’s unclear how long they have been infecting devices.

The malicious apps were developed by the Korean company, Kiniwini, listed in the Play Store as ENISTUDIO corp. The impacted apps have been downloaded millions of times and may have been spread to over 36 million users.

Moreover, the researchers also uncovered a few more apps, published by other developers on the Apple Store, inexplicably containing the same the malware in them. The connection between the two campaigns remains unclear, though researchers believe it is possible that one developer borrowed code from the other.

This is how it works — the user downloads an app from the Play Store and at that point, it’s not malicious. But once the user opens the app, it connects to its Command and Control server (C&C) and installs the malicious code.

“The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website,” the researchers say. “Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure.”

The app then works behind the scenes as a moneymaker for the person behind the scam. It makes money by clicking on ads without the users’ knowledge, bringing in millions of dollars for the scammers.

If your gadget is infected with adware, you most likely won’t notice. It appears that most of these impacted apps are games or ones that children would have downloaded. So it’s a good idea to share this article with family and friends who have kids.

Here is a list of the affected apps:

  • Animal Judy: Rudolph care
  • Animal Judy: Fennec Fox care
  • Animal Judy: Dog care
  • Animal Judy: Cat care
  • Animal Judy: Persian cat care
  • Animal Judy: Dragon care
  • Animal Judy: Teddy Bear care
  • Animal Judy: Rabbit care
  • Animal Judy: Nine-Tailed Fox
  • Animal Judy: Sea otter care
  • Animal Judy: Elephant care
  • Animal Judy: Feral Cat care
  • Chef Judy: Character Lunch
  • Chef Judy: Picnic Lunch Maker
  • Chef Judy: Dalgona Maker
  • Chef Judy: Service Station Food
  • Chef Judy: Hotdog Maker – Cook
  • Chef Judy: Birthday Food Maker
  • Chef Judy: Halloween Cookies
  • Chef Judy: Triangular Kimbap
  • Chef Judy: Udong Maker – Cook
  • Chef Judy: Jelly Maker – Cook
  • Chef Judy: Chicken Maker
  • Fashion Judy: Wedding day
  • Fashion Judy: Waitress style
  • Fashion Judy: Country style
  • Fashion Judy: Myth Style
  • Fashion Judy: Couple Style
  • Fashion Judy: Halloween Style
  • Fashion Judy: EXO Style
  • Fashion Judy: Snow Queen style
  • Fashion Judy: Pretty rapper
  • Fashion Judy: Teacher style
  • Fashion Judy: Wedding Party
  • Fashion Judy: Bunny Girl Style
  • Fashion Judy: Frozen Princess
  • Fashion Judy: Uniform style
  • Fashion Judy: Vampire style
  • Judy’s Happy House
  • Judy’s Hospital: Pediatrics
  • Judy’s Spa Salon

If you or anyone you know has downloaded one of the affected apps on the list, you need to delete the app from your gadget.

First you need to revoke the app’s permissions. To revoke permissions to apps, visit your Google account settings page. From there, click on “Connected apps & sites” under “Sign-in & Security.” On the next page, click “Manage Apps” and you will see a list of your connected apps and their access level. Just click on all affected apps and select “Remove.”

Once you have revoked permissions from the affected apps, it’s safe to delete the apps from your gadget. They will no longer be clicking ads in the background and your device will be good to go.

After learning about the malicious apps, Google removed them from the Play Store. If you or anyone you know previously downloaded any of them, make sure to follow the instructions listed above to remove permissions and delete the apps from all devices. Even if you use an Apple device, you need to check and see if you have one of the above mentioned games on your device as well.

Be Safe – Backup Your Data Regularly!

**********

And don’t forget to take advantage of our FREE subscription to the TechViews.org Newsletter. A must-read if you are interested in Internet Security.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s