There is a huge variety of smartphone apps nowadays and they can be exceptionally helpful. It’s possible to use them to organize your day, to create recipes, to study, and even to help you stay on track while abandoning bad habits – you name it, it’s there. Unfortunately, con artists are never far away when it comes to something popular and they’re always looking to enrich their bank accounts at someone else’s expense. Such is exactly the case with the Judy virus which is disguised as a picnic lunch maker (and has many other faces like Animal Judy: Fennec Fox Care, Judy’s Happy House, Fashion Judy: Frozen Princess, and many more) and was spread by nearly 50 apps in the Google Play Store.
As security researchers from Checkpoint say, this threat may have attacked up to 36 million Android devices. The malicious code is installed onto them when the apps are downloaded and once that happens, advertisements start to be displayed inside the Internet browser. The virus itself was created by the Korean developers Kiniwini and they’re registered as ENISTUDIO Corp., so be on the lookout for those names and avoid any applications that bear them.
Judy is classified as an auto-clicking adware and it brings profits to people responsible for it by generating web traffic from the aforementioned ads. Your device starts working much slower because of it, but the good news is, Google has already delisted all of the affected apps from its store. 41 of them were made by Kiniwini and 9 belonged to other creators. It’s not currently known whether this connection was intentional or accidental – one of the possible scenarios is that one borrowed the code from another. But a lot of the applications that carried Judy have stayed on the Google Play Store for several years and even received updates, so it’s very difficult to say for certain how many people have become infected by them. However, the download numbers are there and, based on high and low estimates, Checkpoint assumes that it may be between 8.5 and 36.5 million users.
The full list of the affected apps can be found at http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play, so if you have one of them on your device, it should be deleted immediately. We also strongly advise to install security software, as new threats are constantly developed and you don’t want to be attacked by them. A program like Google Play Protect does the job just fine as it scans the apps before the download is initiated and also removes those that are malicious in nature. It also has a certain feature that informs you about the status of the device and you can get to it via the application menu on Google Play Store.
Protection from viruses is also possible through checking the app permissions when they’re downloaded, VPN usage (especially when connecting to a public network), and, of course, other mobile security software like SandBlast Mobile, Check Point Capsule, and Endpoint Security. Make sure to keep this software updated, as well as the OS itself, and the chances of your device being compromised will be significantly reduced. You also need to avoid unnecessary risks while browsing the Web and gather some information before downloading new applications. If you follow those guidelines, everything should be alright and con artists won’t be able to take advantage of you. The threats they make are dangerous, but they can still be dodged, and now you know how to do it. As you can see, it doesn’t require a lot on your part.