Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
What is Judy Malware and how it affects phones ?
#1
The news of Judy malware comes from the blog of Check Point, a company which tracks viruses and malware which affect smartphones. Judy has spread from Play Store, Googles official app market. It is said that Judy has affected almost 8 million to 36 million Android Android users!

What is Judy?

Judy is an auto clicking adware which is found on 41 Apps developed by a Korean company. "The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads". According to Check Point, a group named Kiniwini (registered on Google Play as ENISTUDIO corp.) is behind the attack. They are South Korean developers which develop freemium apps on both iOS and Android platforms. However, Check Point is not sure about the actual spread of the malware.

[Image: judy.png]
An app linked to Judy on Play store - Photo from blog.checkpoint.com

What does Judy do?

As said earlier Judy is an adware, which generates revenue from faking clicks on advertisements. "To bypass Bouncer, Google Play’s protection, the hackers create a seemingly benign bridgehead app, meant to establish the connection to the victim’s device, and insert it into the app store". When the user downloads the app it makes a silent connection to a c&c server, which is controlled by the developer and then they generate revenue by opening URL's using the user agent that imitates a PC browser in a hidden web page and receives a redirection to another website.


List of malicious app linked to Judy could be found here. For more information on Judy Click Here.
  


Forum Jump:


Users browsing this thread:
1 Guest(s)