Massive Attack on Google Play May Have Reached 36 Million Users

May 29, 2017 by Douglas A. McIntyre

Alphabet Inc.’s (NASDAQ: GOOGL) Google Play product has been the target of a huge malware attack which has affected as many as 36 million users. Google Play allows Android OS mobile users access to apps, movies, music, and books. Android is the most widely distributed mobile OS in the world and is used on almost all smartphones not produced by Apple Inc. (NASDAQ: AAPL).

According to research firm Check Point:

Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads. Some of the apps we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown.

We also found several apps containing the malware, which were developed by other developers on Google Play. The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly. The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected. These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users. Similar to previous malware which infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communication with its Command and Control server (C&C) for its operation. After Check Point notified Google about this threat, the apps were swiftly removed from the Play store.

Malware attacks have been in the news recently. Ransomeware called WannaCry recently hit approximately 200,000 computers in 150 countries, and, in the process, virtually shut down the U.S. health care network.

Sponsored: Attention Savvy Investors: Speak to 3 Financial Experts – FREE

Ever wanted an extra set of eyes on an investment you’re considering? Now you can speak with up to 3 financial experts in your area for FREE. By simply
clicking here
you can begin to match with financial professionals who can help guide you through the financial decisions you’re making. And the best part? The first conversation with them is free.


Click here
to match with up to 3 financial pros who would be excited to help you make financial decisions.