Researchers at Check Point Software Technologies Ltd. They have uncovered a new and definitely extensive malware campaign against Google Play, the official Google app store. malware called Judy is a self-clearing adware discovered in as many as 41 apps developed by a Korean company called Kiniwini. The malware uses infected devices to generate large amounts of clicks on advertisements in order to increase the revenue of the virus creator.
The malicious apps have reached more than 36.5 million users worldwide. It also appears that these same apps have resided within Google Play for several years now, but have all recently been updated. Therefore, it is unclear how long the malicious code has actually been present in these apps, so the actual spread of the malware remains unknown.
The same malware has also been detected by Check Point in other apps made by different developers on Google Play. However, the connection between these two campaigns remains unclear, and the possibility that one borrows from the other knowingly or unknowingly is not ruled out. The oldest app related to the second campaign was last updated in April 2016, which means that the malicious code has been hiding in the Play store for a long time without being detected.
All in all, even if this threat does not seem to be dangerous for users’ information and data, it could still come close to an unenviable record: that of the “largest malware campaign uncovered on Google Play” according to Check Point experts. Google has already removed the apps from its digital store after being notified by the company.