After the WannaCry virus, netizens have another thing virus to worry about. A new malware called ‘Judy’ has infected nearly 36.5 million Android devices across the globe. Reports suggest that Judy, which is an auto-clicking ad-ware, has been found in 41 apps in the Google Play Store. The malware produces false clicks from the infected systems to generate revenue from advertisements for the attackers.
Researchers from the data security firm Check Point first discovered the malware on Google Play Store and the company has already alerted the search engine giant, which is working to mitigate the problem and removing the infected apps from its apps store.
Judy malware app (Photo: Express archives)
Here’s what you should know about the Judy malware:
What is Judy and how does it work?
Judy malware is a virus that basically produces fake click on the advertisements in the app so that its perpetrators can earn revenue from the app developers.
Judy works by bypassing Bouncer, which is a tool Google uses to secure its app. Judy creates a seemingly harmless connection between the infected device and the attackers, which essentially delivers the malicious payload. The malicious payload includes JavaScript code, URLs by the attackers and a user-agent string.
Judy malware (Photo: Facebook)
Judy then opens the URLs using the user-agent string that mimics the web browser of the infected system and is used to launch the targeted websites. Once the targeted website is launched, Judy uses the JavaScript code to locate the infected device and click on the advertisement based on the Google ads infrastructure.
ALSO READ: Ransomware attack: Image of Russian priest spraying holy water on computers is FAKE
With every click, the attackers receive payment from the website developers. Apart from this, Judy also displays a large number of advertisements on the app, which in some cases might force users to click on the advertisements.
Who developed Judy malware?
Judy has been developed by a Korean company called Kiniwini. The company has been registered on Google Play Store as ENISTUDIO corp.
ALSO READ: All you need to know about the Ransomware attack
How can I protect my device from Judy?
Google is already working towards removing the infected apps from its apps store. Apart from this, you can update the software on your smartphones. These updates usually contain security patches that can protect your system from such malicious softwares.
(Source: Check Point)
For interesting tech videos from InUth, follow us on Youtube.com/InUthdotcom
