01 Jun New Malware Could Infect 36.5 Million Android Users Globally
As many as 36.5 million Android users may have been infected by an advertising fraud malware, thought to be the largest malware campaign ever.
With the business world still recovering from the fallout caused by the “WannaCry” ransomware attack, a new threat has arisen. Targeting 10s of millions of Android phone users on one of the world’s most popular app marketplaces, where it has lurked for years.
The Malware campaign dubbed “Judy” after one of the infected applications, is an auto-clicking adware which was found on 41 applications developed by a Korean company and spread throughout Google Play Store, one of the world largest application marketplaces.
The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenue for the perpetrators while severely hindering the performance of infected mobile devices.
The malicious application has been spread through between 4.5million and 18.5 million downloads, some of the infected applications have been available to download from Google Play Store for several years. It is unclear how long the malicious code has existed inside the apps, and therefore the actual numbers remain unclear.
Several other apps from different developers also contained the same malware, possibly through borrowing code knowingly or unknowingly. The oldest infected application on the store was last updated in April 2016, which means the malicious code has remained hidden for at least a year undetected.
These apps also had as many as 18 million downloads, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users.
Judy managed to bypass, Google Play’s protection, by being implemented as a benign piece of code inside of the app. Once the user had downloaded the application it silently downloads a receiver which connects to its command center and downloads a malicious payload. Once the malicious payload is on the devices the malware will automatically activate.
The malware itself imitates an internet browser, which clicks adverts when users are browsing the internet or playing a game. The fraudulent clicks generate a large revenue for the perpetrators, especially since the malware reached a presumably widespread of people. At this moment, it appears nothing has been stolen from users. But the secret gateway it creates could be used to steal credit card details and other sensitive information from a phone,
Google Play Store confirmed today that they had pulled down all policy violating applications from the report.
Android currently makes up around 75% of Thailand’s mobile phone market share. Many varieties of malware are able to transfer inside networks like offices and coffee shops. If you think you or your business is infected with malware or ransomware, contact Aware today info@aware.co.th.
Other Applications that contained the Judy virus Included:
Package name | App name | Date | Min | Max | Developer |
com.CoupleDday | 커플디데이 (커플기념일, 위젯) | 2-Apr-17 | 100,000 | 500,000 | Neoroid |
com.DogSound | Dog Music (Relax) | 29-Jun-16 | 10,000 | 50,000 | Neoroid |
com.kakaotalkchatanalyst.ks | 카카오톡 대화분석기 | 25-Feb-16 | 1,000,000 | 5,000,000 | DeepEnjoy |
com.PeriodCalendar | 황금기 알리미 (여성달력) | 20-Apr-16 | 100,000 | 500,000 | Neoroid |
com.MoneyBook | 100억 가계부 | 2-Apr-17 | 100,000 | 500,000 | 그린 스튜디오 |
com.lee.katocpic | KatocPic(카톡픽) – 카톡프로필 | 23-Aug-16 | 5,000 | 10,000 | Wontime |
com.appnapps.app77 | 필수추천 무료어플 77 | 5-Feb-17 | 1,000,000 | 5,000,000 | App&Apps |
com.sundaybugs.spring.free | Spring-It’s stylish, it’s sexy | 30-Sep-16 | 1,000,000 | 5,000,000 | Sundaybugs |
com.lx5475.craftingbox2 | Crafting Guide for Minecraft | 4-May-17 | 500,000 | 1,000,000 | JIZARD |
Total | 4,215,000 | 18,060,000 |
- Harnessing Microsoft 365 Copilot for Educational Excellence - March 21, 2024
- How Can Microsoft Copilot Help Human Resources Staff? - March 20, 2024
- Microsoft Copilot for Human Resources - March 20, 2024
- The Business Benefits of Microsoft Copilot for Marketing Professionals - February 19, 2024
- The key business benefits of Microsoft Copilot - February 19, 2024
- How To Increase Your Employee’s Productivity with Copilot for Microsoft 365 Word - February 16, 2024
- Transform with AI – Journey with Aware - November 20, 2023
- What is Edge Computing? Advantages and Disadvantages: - May 20, 2022
- SAP Business One Vs Microsoft Dynamics 365 - November 12, 2021
- SAP Business One in Manufacturing - November 4, 2021