The Korean company Kikiwini published 41 Android APPS under the name ENISTUDIO Corp.
These could have infected up to 36.5 million Android devices by hidden malware that produced fake advert clicks.
Security firm Check Point identified these apps and realised these infected devices could be used to generate large amounts of fraudulent clicks on advertisements, generating revenues for the creators of the malware.
The malware was dubbed “Judy” by Check Point after the title character in Kiniwini’s apps. Chef Judy: Picnic Lunch Maker, for example, encourages players to “create delicious food with Judy
Google removed the apps from Google Play once it had informed of the problem.
How does Judy infect your device?
Hackers create a harmless app that can get around Google’s security screening and it is added to the app store.
Once it has been downloaded by users, it silently registers with the makers servers for update. That update is not just latest software, content and adverts etc. It contains the code and list of web addresses. The APP then opens a browser window and starts to make clicks on the listed websites on the selected adverts. These clicks are registered by networks such as Google Ads and in time will produce payments to the makers.
This kind of cheating has been used in the past but this is one of the worst such examples and it circumvents Google APP security which they will not be pleased about.
Kiniwini also develop APPS for Apple devices but so far there are no reports of problems with those APPS.
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.