A new threat in the town for the mobile users. This malware is known as Judy which is apparently infecting Android phones. Millions of phones are getting infected by it, says Check Point, a company that tracks and analyses viruses and the malware that infect smartphones. It’s scary, what Judy is and what it does and unlike many other malware on Android phones, this one actually spreads through Google’s own play store. So, should you worry about Judy? Is your phone safe from this new malware?
Judy malware has infected over 36.5 million users across the globe. One major reason why the malware could spread is that it jumped Google’s own security feature called bouncer.A dozen apps had the infected bug but Google had consistently removed most of them but one stayed hidden in an app for a good one year before it was discovered by Google’s security net.
Image: Deccan Chroncile
- What is Judy malware?
Judy malware is an auto-clicking adware which help companies boost their revenues. Hacker designed the malware in such a way that it bypasses Google Play Store’s protection. It seemingly benign bridgehead app, meant to establish connection to the victim’s device, and insert it into the app store. The scary part of the story is that Judy is hiding in app code since April 2016 and these apps that have been directly linked with Judy have been downloaded between 4.5 million and 18.5 million times, there is no direct estimate of how many devices have been affected.
- What happens once Judy infects?
Judy tries to make money for its masters by creating fake ad clicks once it has infected a phone. The infection happens once a user downloads the app through the Play store. After infecting a phone the app connects to a Control & Command centre managed by its creators. To bypass Google Play’s protection known as Bouncer, the hackers create a bridgehead app to establish connection to the victim’s device, and insert it into the app store. Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server. The server replies with the actual malicious payload…,” notes Check Point.
- Should you worry about Judy?
It doesn’t seem that Judy steals any information from a user. Instead, it seemingly uses a phone to generate fake ad clicks, which then make money for its creators.But with the secret gateway it creates between an infected phone and the malware server can possibly easily steal private details like credit card information and passwords from a phone.
- How to Stay Safe?
Although app stores have security measures to detect apps with malicious intent and block them off from being uploaded.But users shouldn’t only rely on the security measures of the app stores and should download antivirus on your smartphoneslike you do on your PC.You should also always check the permission that an app seeks before installing it on your device, as more than often, even the popular apps like Facebook are hindering your privacy.
- How do you know if Judy has affected your phone or not?
The only way to find out is to see whether you have any of these apps installed or not. There is no other tool. If you have installed any of these apps your phone is most likely infected. You should format your phone ASAP.