'Judy', an Android-based malware, has infected over 36.5 million users across the globe. One major reason the malware could spread to such monstrous proportions is that it slipped past Google's own security feature, called 'Bouncer'.
A dozen apps carried the infection, but Google had consistently removed most of them. However, one of these applications stayed hidden for a full year before it was discovered by Google's security net.
According to Check Point, a security firm, Judy reached most devices in the form of simple fashion and cooking games. The malware went unnoticed because the malicious payload was downloaded from an external, non-Google server after the applications were installed. Once the payload was in place, the software used the infected phone to click on certain Google Ads to increase the attacker's revenue.
The Check Point blog post stated, "the malware, dubbed "Judy", is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it."
Considering that there are loopholes in Google's operating system, users should be careful with their own downloads from the Play Store. The security firm has published a list of applications that had been infected by the malware. If one of them is installed on your device, the only option left for you would be to back up your essential data and format the device.
The security firm says the spread of the malware is still not confirmed, as 'Judy' is present in an extensive list of applications that has not been entirely covered in Check Point's analysis.
Google Play Store has taken down most of the affected applications, which were published under the name of a Korean developer, Enistudio. However, the malware was also found in a few other applications published under the names of different developers.
The report stated, "We also found several apps containing the malware, which were developed by other developers on Google Play. The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly."
Though the malware made it to more than 36.5 million Android devices, so far there has been no evidence of any data being compromised on the infected devices. There have been previous instances where malware like this has successfully cleared Google's screening process, one of the downsides of operating on an open operating system.