Judy malware which affected 36.5 million Android users: the complete list of infected Google Play Store apps
Security researchers from Check Point have unearthed one of the
largest malware campaigns to affect Android devices. The malware is
named “Judy” after a series of 41 applications developed by a Korean
company which had the malware.
Apps from several other developers also had the same malware, and the connection between these apps and the Korean ones is not clear. The malicious code from the applications with the malware could may have been knowingly or unknowingly replicated by third-party developers.
The malware generates clicks on advertisements, which allows the attackers to charge advertisers for the clicks. Judy has to communicate with a command and control server for its operations. The malware had been on applications since 2016. There have been between 4.5 and 18.5 million downloads of the applications, which means anywhere between 8.5 million to 36.5 million users could have been affected by the malware. Google has pulled down the infected applications from the Play Store after being alerted by Check Point.
Check Point has clarified that the malware is not just about aggressive advertising, although the affected applications do display an inordinate number of advertisements.
The Korean company thought to be the source is known as Kiniwini, which is registered in the Android Play Store as ENISTUDIO corp and publishes applications for both Android and iOS. It is unusual for such malware to be associated with a registered entity, according to the researchers. More details on the malware and how it operates can be found in a blog post by Check Point.
In what would be one of the biggest malware stories of our time, the security researchers at Check Point had unearthed an Android malware campaign that could have infected up to 36.5 million Android users to date. The malware called “Judy” has spread or rather had been spreading, undetected over the past year in the form of 41 applications that have been available for download on the Google Play Store.
After being informed by Check Point Google reacted by quickly taking down all of these 41 applications from the Play Store. Unfortunately for Android users, the damage had already been done.
The apps did not come from one developer but several developers who all had the same malware. For now it isn’t clear whether the developers were connected. What Check Point did reveal was that the code could have been replicated by third-party developers adding some more developers to that list.
Judy works by generating clicks on advertisements. This allows hackers to charge advertisers for the clicks, getting them plenty of money in return.
From the Check Point report these applications have been downloaded between 4.5 to 18.5 million times and there is a big chance that users could have been a victim of the Judy malware.
Thanks to Check Point, we now have a long list of apps developed by Korea-based Kiniwini, that happens to be a registered developer on the Google Play Store. Oddly, these also happen to be apps that have received 4 star ratings complete with positive reviews on the Play Store.
If you are a bit confused as to which are of these apps are infected and which are not? A simple solution is to simply uninstall any app with the word “Judy” in it.
Apps from several other developers also had the same malware, and the connection between these apps and the Korean ones is not clear. The malicious code from the applications with the malware could may have been knowingly or unknowingly replicated by third-party developers.
The malware generates clicks on advertisements, which allows the attackers to charge advertisers for the clicks. Judy has to communicate with a command and control server for its operations. The malware had been on applications since 2016. There have been between 4.5 and 18.5 million downloads of the applications, which means anywhere between 8.5 million to 36.5 million users could have been affected by the malware. Google has pulled down the infected applications from the Play Store after being alerted by Check Point.
Check Point has clarified that the malware is not just about aggressive advertising, although the affected applications do display an inordinate number of advertisements.
The Korean company thought to be the source is known as Kiniwini, which is registered in the Android Play Store as ENISTUDIO corp and publishes applications for both Android and iOS. It is unusual for such malware to be associated with a registered entity, according to the researchers. More details on the malware and how it operates can be found in a blog post by Check Point.
In what would be one of the biggest malware stories of our time, the security researchers at Check Point had unearthed an Android malware campaign that could have infected up to 36.5 million Android users to date. The malware called “Judy” has spread or rather had been spreading, undetected over the past year in the form of 41 applications that have been available for download on the Google Play Store.
After being informed by Check Point Google reacted by quickly taking down all of these 41 applications from the Play Store. Unfortunately for Android users, the damage had already been done.
The apps did not come from one developer but several developers who all had the same malware. For now it isn’t clear whether the developers were connected. What Check Point did reveal was that the code could have been replicated by third-party developers adding some more developers to that list.
Judy works by generating clicks on advertisements. This allows hackers to charge advertisers for the clicks, getting them plenty of money in return.
From the Check Point report these applications have been downloaded between 4.5 to 18.5 million times and there is a big chance that users could have been a victim of the Judy malware.
Thanks to Check Point, we now have a long list of apps developed by Korea-based Kiniwini, that happens to be a registered developer on the Google Play Store. Oddly, these also happen to be apps that have received 4 star ratings complete with positive reviews on the Play Store.
If you are a bit confused as to which are of these apps are infected and which are not? A simple solution is to simply uninstall any app with the word “Judy” in it.
| App name | Date | Developer |
| Fashion Judy: Snow Queen style | 24.3.17 | Kiniwini |
| Animal Judy: Persian cat care | 14.4.17 | Kiniwini |
| Fashion Judy: Pretty rapper | 24.3.17 | Kiniwini |
| Fashion Judy: Teacher style | 24.3.17 | Kiniwini |
| Animal Judy: Dragon care | 14.4.17 | Kiniwini |
| Chef Judy: Halloween Cookies | 10.4.17 | Kiniwini |
| Fashion Judy: Wedding Party | 7.4.17 | Kiniwini |
| Animal Judy: Teddy Bear care | 16.4.17 | Kiniwini |
| Fashion Judy: Bunny Girl Style | 24.3.17 | Kiniwini |
| Fashion Judy: Frozen Princess | 7.4.17 | Kiniwini |
| Chef Judy: Triangular Kimbap | 10.4.17 | Kiniwini |
| Chef Judy: Udong Maker – Cook | 10.4.17 | Kiniwini |
| Fashion Judy: Uniform style | 24.3.17 | Kiniwini |
| Animal Judy: Rabbit care | 14.4.17 | Kiniwini |
| Fashion Judy: Vampire style | 24.3.17 | Kiniwini |
| Animal Judy: Nine-Tailed Fox | 18.4.17 | Kiniwini |
| Chef Judy: Jelly Maker – Cook | 10.4.17 | Kiniwini |
| Chef Judy: Chicken Maker | 10.4.17 | Kiniwini |
| Animal Judy: Sea otter care | 14.4.17 | Kiniwini |
| Animal Judy: Elephant care | 16.4.17 | Kiniwini |
| Judy’s Happy House | 10.4.17 | Kiniwini |
| Chef Judy: Hotdog Maker – Cook | 29.3.17 | Kiniwini |
| Chef Judy: Birthday Food Maker | 10.4.17 | Kiniwini |
| Fashion Judy: Wedding day | 20.4.17 | Kiniwini |
| Fashion Judy: Waitress style | 24.3.17 | Kiniwini |
| Chef Judy: Character Lunch | 10.4.17 | Kiniwini |
| Chef Judy: Picnic Lunch Maker | 10.4.17 | Kiniwini |
| Animal Judy: Rudolph care | 14.4.17 | Kiniwini |
| Judy’s Hospital:pediatrics | 10.4.17 | Kiniwini |
| Fashion Judy: Country style | 24.3.17 | Kiniwini |
| Animal Judy: Feral Cat care | 16.4.17 | Kiniwini |
| Fashion Judy: Twice Style | 20.4.17 | Kiniwini |
| Fashion Judy: Myth Style | 20.4.17 | Kiniwini |
| Animal Judy: Fennec Fox care | 14.4.17 | Kiniwini |
| Animal Judy: Dog care | 14.4.17 | Kiniwini |
| Fashion Judy: Couple Style | 24.3.17 | Kiniwini |
| Animal Judy: Cat care | 14.4.17 | Kiniwini |
| Fashion Judy: Halloween style | 7.4.17 | Kiniwini |
| Fashion Judy: EXO Style | 7.4.17 | Kiniwini |
| Chef Judy: Dalgona Maker | 28.3.17 | Kiniwini |
| Chef Judy: ServiceStation Food | 10.4.17 | Kiniwini |
| Judy’s Spa Salon | 10.4.17 | Kiniwini |
| 커플디데이 (커플기념일, 위젯) | 2-Apr-17 | Neoroid |
| Dog Music (Relax) | 29-Jun-16 | Neoroid |
| 카카오톡 대화분석기 | 25-Feb-16 | DeepEnjoy |
| 황금기 알리미 (여성달력) | 20-Apr-16 | Neoroid |
| 100억 가계부 | 2-Apr-17 | 그린 스튜디오 |
| KatocPic(카톡픽) – 카톡프로필 | 23-Aug-16 | Wontime |
| 필수추천 무료어플 77 | 5-Feb-17 | App&Apps |
| Spring-It’s stylish, it’s sexy | 30-Sep-16 | Sundaybugs |
| Crafting Guide for Minecraft | 4-May-17 | JIZARD |
Post a Comment