After Wannacry crisis; Judy storms Android devices

The world is barely recovering from the Wannacry attacks and it already has something else to worry about. A malware dubbed ‘Judy’ has taken hold in Google Play and has already affected more than 36 million android devices.

Judy belongs to a class of malwares called adware. The purpose of adware’s is to launch a browser app, load an URL, and use JavaScript to locate and click on specific ad banners that would bring profits to the malware's creators.

The malware was detected by Checkpoint, an Israeli cyber security giant. According to checkpoint as many as 36.5 million android devices may be affected by the malware. “The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it,” said Checkpoint in a blog post.

The surprising fact about this attack is that most of the affected apps have been present in Google play for years now and have been clean. According to checkpoint they were updated after April last year to include the Malware in it.

“Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown,” added Checkpoint.

There are more than 40 apps affected by the malware, most of them coming from a single Korean developer registered under the name ENISTUDIO corp. Some affected apps were developed by other developers as well. Google has already responded to this by booting 41 affected apps from Google Play.

“It is unclear if the company added the malicious code itself, or its servers were compromised and the code added by a third-party,” said Google in a blog post.