Known as 'Judy', this malware is embedded in some apps available on the Google Play Store. The contents are ad-ware auto clicking.
The results of the Checkpoint study showed that about 36.5 million Android devices worldwide have been infected with this malware. That is, Judy could be the most widespread malware ever touched the official Android app store.
So far, the exact number of infected users remains unconfirmed. However Checkpoint warned, this time malware is in some applications that have been available for years in the Google Play Store.
Quoted from the Trusted Review, Judy found in 41 applications developed by Korean companies. Some people may consider trivial malware containing ads that can automatically click on their own.
After all, the name of malware will still harm. Mentioned Checkpoint, Judy generated a fake click on an ad. The number of clicks generates profit for the culprit.
This malware inserts the connection from the user's phone to the app store. That is, when a user downloads an app, Judy secretly connects it to a 'standby' receiver in connection to a C & C server, which will reply with a malicious charge.
Google reportedly has removed the allegedly infected application, by removing a number of fashion and game games that contain the name Judy.
"The oldest application infected with malware was last updated in April 2016. This means that this malware hiding long enough in the Play Store and not detected," said Checkpoint.
Korean publisher is accused of being responsible for infecting a number of applications by this malware. But another report mentions, there are also some publishers who release applications with Judy malware in it.
Not yet known how the application contains this Judy malware can pass the screening process of Google Play Store. But Checkpoint has an explanation of this.
"Hackers can smartly hide the real purpose of their apps, or even manipulate users to give a positive rating for some cases that are difficult to explain," he explained.