The malware apps saw between 4.5 million and 18.5 million downloads, as security company Check Point reports. Check Point was able to report the troublemaking apps, and Google has since removed them from their official app store, Google Play.
How It Works
Some of the apps had been around for years, but all were consistently updated, meaning that this malware campaign was a resounding success up until now. Here are the full details from the company that cracked the case:
Avoiding Malware Apps
The only way to be sure you’re safe is to opt for downloading only the most well-established professional apps. And given some of Uber’s brushes with the Apple Store’s ethical standards that have recently come to light, maybe even the established apps aren’t safe. We also found several apps containing the malware, which were developed by other developers on Google Play. The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly. The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected. These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users. Similar to previous malware which infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communication with its Command and Control server (C&C) for its operation. After Check Point notified Google about this threat, the apps were swiftly removed from the Play store.” A full list of the 41 malware apps involved in this incident is available over here, for those interested in finding out if their Android phone has been supporting ad scammers for the last few years. Hint: If ‘Judy’ is in the title of an app you downloaded, you’re in trouble.
