Story image

Malicious apps discovered on Google Play - some lurking for more than a year

30 May 2017

Check Point, a security software company, has revealed that their researchers discovered another widespread malware campaign on the official Google app store, Google Play.

The malware, dubbed “Judy”, is an auto-clicking adware which was discovered on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, resulting in generated revenue for the companies behind the ads.

The malicious apps reached a whopping amount of downloads, between 4.5 million and 18.5 million. Some of the apps discovered had been residents on Google Play for several years, but had all been very recently updated. Because it is unknown how long the malicious code existed in the apps, the true spread of the malware can’t truly be known.

Also found were several apps containing the malware which had been developed by other developers on Google Play. At the moment the connection between the two campaigns remains unclear, but it is entirely possible that one borrowed code from the other either knowingly or not.

The oldest app of this second campaign was last updated in April 2016, meaning that the malicious code was hidden, undetected, on Google Play for more than a year.

These apps also had a large amount of downloads (between 4 and 18 million), meaning the total spread of the malware across both campaigns may have reached between 8.5 and 36.5 million users.

Similar to previous malware which infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communication with its Command and Control server (C&C) for its operation. After Check Point notified Google about this threat, the apps were quickly removed from the Play store.

Samsung & Trade Me offer AI-powered shopping
The smartphone camera & AI-powered tech, Trade Me says, is a ‘glimpse into the future of shopping’.
Neill Blomkamp's 'Conviction' is a prequel to BioWare's Anthem
You may remember Neill Blomkamp’s name from such films as District 9, Chappie, and Elysium. If you’ve seen any of those films, the short teaser trailer will seem somewhat familiar to you.
Security flaw in Xiaomi electric scooters could have deadly consequences
An attacker could target a rider, and then cause the scooter to suddenly brake or accelerate.
617 million stolen records up for sale on dark web
It may not be the first time the databases have been offered for sale.
IBM’s Project Debater unable to out-debate human
At this incredible display of technology, the result was remarkably close but the human managed to pip the machine in this instance.
LPL to broadcast weekly programming on Sky Sports
Let’s Play Live (LPL) has now announced it will broadcast weekly programming for the rest of 2019 on the Sky Sports channel from Sky TV. 
When hackers get the munchies, they just steal McDonalds
What happens when hackers get the munchies? Apparently in Canada, they decide to put their ‘hamburglar’ gloves on and go after unwitting people who happen to use the McDonalds app.
The smart home tech that will be huge in 2019
For millennial home buyers, a generation for whom technology has been ever-present, smart systems are the features they value above everything else.