Android malware 'Judy' may have infected 36 millions android users already. Security researchers found that the malware Judy was found on over 40 apps. These apps were highly rated in Google Play store. These apps were there in Google Play store for several years.
This has described as possibly the largest malware campaign in Google Play store.
This malware generates large number of fraudulent clicks on advertisements for generating revenues. These apps were developed by Korean company.
Checkpoint has found several other apps in the Google Play Store that are containing the malware which were developed by other developers.
Once Google is aware of these infected apps, they have swiftly removed all the infected apps from the plat store.
One of the Judy apps were: Chef Judy: Picnic Lunch Maker developed by ENISTUDIO Corp.
Once a user downloads a malicious app, it silently registers which establish a connection with the Command and Control server (C & C). The server replies with a user agent string and URLs controlled by the malware author.
The malware then open a hidden browser and hit a targeted website and finds the ad frame and click on it.
Upon clicking the ads, the malware author receives payment from the website developer.
Who developed Judy?
This was developed by a Korean Company named Kiniwini which is registered in Google Play store as ENISTUDIO Corp.
List of malicious apps developed by Kiniwini:
| Package Name | App Name |
| air.com.eni.FashionJudy061 | Fashion Judy: Snow Queen style |
| air.com.eni.AnimalJudy013 | Animal Judy: Persian cat care |
| air.com.eni.FashionJudy056 | Fashion Judy: Pretty rapper |
| air.com.eni.FashionJudy057 | Fashion Judy: Teacher style |
| air.com.eni.AnimalJudy009 | Animal Judy: Dragon care |
| air.com.eni.ChefJudy058 | Chef Judy: Halloween Cookies |
| air.com.eni.FashionJudy074 | Fashion Judy: Wedding Party |
| air.com.eni.AnimalJudy036 | Animal Judy: Teddy Bear care |
| air.com.eni.FashionJudy062 | Fashion Judy: Bunny Girl Style |
| air.com.eni.FashionJudy009 | Fashion Judy: Frozen Princess |
| air.com.eni.ChefJudy055 | Chef Judy: Triangular Kimbap |
| air.com.eni.ChefJudy062 | Chef Judy: Udong Maker – Cook |
| air.com.eni.FashionJudy067 | Fashion Judy: Uniform style |
| air.com.eni.AnimalJudy006 | Animal Judy: Rabbit care |
| air.com.eni.FashionJudy052 | Fashion Judy: Vampire style |
| air.com.eni.AnimalJudy033 | Animal Judy: Nine-Tailed Fox |
| air.com.eni.ChefJudy059 | Chef Judy: Jelly Maker – Cook |
| air.com.eni.ChefJudy056 | Chef Judy: Chicken Maker |
| air.com.eni.AnimalJudy018 | Animal Judy: Sea otter care |
| air.com.eni.AnimalJudy035 | Animal Judy: Elephant care |
| air.com.eni.JudyHappyHouse | Judy’s Happy House |
| air.com.eni.ChefJudy036 | Chef Judy: Hotdog Maker – Cook |
| air.com.eni.ChefJudy063 | Chef Judy: Birthday Food Maker |
| air.com.eni.FashionJudy051 | Fashion Judy: Wedding day |
| air.com.eni.FashionJudy058 | Fashion Judy: Waitress style |
| air.com.eni.ChefJudy057 | Chef Judy: Character Lunch |
| air.com.eni.ChefJudy030 | Chef Judy: Picnic Lunch Maker |
| air.com.eni.AnimalJudy005 | Animal Judy: Rudolph care |
| air.com.eni.JudyHospitalBaby | Judy’s Hospital:pediatrics |
| air.com.eni.FashionJudy068 | Fashion Judy: Country style |
| air.com.eni.AnimalJudy034 | Animal Judy: Feral Cat care |
| air.com.eni.FashionJudy076 | Fashion Judy: Twice Style |
| air.com.eni.FashionJudy072 | Fashion Judy: Myth Style |
| air.com.eni.AnimalJudy022 | Animal Judy: Fennec Fox care |
| air.com.eni.AnimalJudy002 | Animal Judy: Dog care |
| air.com.eni.FashionJudy049 | Fashion Judy: Couple Style |
| air.com.eni.AnimalJudy001 | Animal Judy: Cat care |
| air.com.eni.FashionJudy053 | Fashion Judy: Halloween style |
| air.com.eni.FashionJudy075 | Fashion Judy: EXO Style |
| air.com.eni.ChefJudy038 | Chef Judy: Dalgona Maker |
| air.com.eni.ChefJudy064 | Chef Judy: ServiceStation Food |
| air.eni.JudySpaSalon | Judy’s Spa Salon |
List of apps developed by other developers:
| Package Name | App Name |
| com.CoupleDday | 커플디데이 (커플기념일, 위젯) |
| com.DogSound | Dog Music (Relax) |
| com.kakaotalkchatanalyst.ks | 카카오톡 대화분석기 |
| com.PeriodCalendar | 황금기 알리미 (여성달력) |
| com.MoneyBook | 100억 가계부 |
| com.lee.katocpic | KatocPic(카톡픽) – 카톡프로필 |
| com.appnapps.app77 | 필수추천 무료어플 77 |
| com.sundaybugs.spring.free | Spring-It’s stylish, it’s sexy |
| com.lx5475.craftingbox2 | Crafting Guide for Minecraft |
For more details check out the checkpoint page http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/
- 28 reads