Google kills massive Android malware campaign that infiltrated Play Store


Dozens of apps have been removed from the Google Play Store after Check Point, a cyber security firm, discovered they were infected with Malware.

Many of the apps, 41 in total, have been available for several years and have been downloaded anywhere between 8.5 million and 36.5 million times.

Check Point have dubbed the malware ‘Judy’ and it is believed to have generated thousands of fraudulent clicks with owners making money from each click. The find is described as “likely the largest ever campaign uncovered on Google Play.”

The malware belonged to a Korean company that manufactures apps for both iOS and Android devices.

“It is important to note that the activity conducted by the malware is not borderline advertising, but definitely an illegitimate use of the users’ mobile devices for generating fraudulent clicks, benefiting the attackers,” Check Point said.

It also appears that there are other apps with no apparent relationship with the Korean company that are running ‘Judy’ too.

“The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly,” Check Point’s mobile research team said in the alert.

Google uses technology known as Bouncer to detect Malware but it appears that the Korean company uploaded a seemingly benign application to the Play Store in order to circumnavigate Bouncer’s checks.

Google refused to comment on Check Point’s finding or why the malware had been allowed to undetected for so long. However, in Google’s defence, as soon as they update their security, malware authors find new ways to sneak through.


Comments are closed.