EXECUTIVE SUMMARY

A new malware was discovered that could potentially impact millions of Android users. It is known as ‘Judy’ because of its connection with a fashion and cooking game series that stars a cartoon character by that name.

The malware runs in the background of the game app, making it hard to detect. When a device is infected, it is sucked into a fraudulent ad-clicking campaign that generates revenue for the hackers.

Read the full story….

It’s all fun and games until someone gets hacked—and his or her device is taken over by malware to feed a fraudulent ad revenue campaign. And yes, that’s exactly the storyline of a new malware uncovered by Check Point Researchers.

The Judy malware, an auto-clicking adware found within 41 Android apps available through the Google Play app store, is named after the main character of a fashion and cooking game series. The malware directs infected devices to a web page, where they are manipulated into generating large amounts of fraudulent clicks on advertisements. Because of those clicks, the perpetrators behind the scheme earn revenue.

The infected apps have been on Google Play for years. However, all were recently updated. For those who still have the older apps, the adware is not immediately obvious because it runs in the background. As Check Point researchers explain, users cannot rely on official app stores for their safety. The best advice: Be sure to implement advanced security protections that can detect and block zero-day mobile malware. Or, as New York Magazine puts it: “The best thing for concerned Android users to do is to take a quick glance at their app library, and if they see the smiling cartoon face of Judy — whether she’s in Chef form or donning her Magic Girl Style — delete her immediately.” Judy, Judy, Judy.

To dig deeper into the details, read Check Point’s blog post.