The Google Play Store security protocol has been breached and online security experts estimated up to 36.5 million Android devices have been infected. The malware was identified as Judy and "possibly the largest malware campaign found on Google Play," reports said.
Security firm Check Point reported that prior to detection, Judy Malware was downloaded up to 18.5 million times and the infections were loaded though game app developer Kiniwini. The Korean company publishes apps though ENISTUDIO Corp. and the most popular offerings mostly carry the Judy branding, which explains the malware labelling.
The malware was designed "to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it." The malware spread by bypassing the Google Bouncer security system and once installed on a device it connects to the Command and Connection server.
"The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author. The malware opens the URLs using the user agent that imitates a PC browser in a hidden webpage and receives a redirection to another website. Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure," the Check Point report was quoted by PC Mag as saying.
Check Point said Judy Malware behaves likes previously identified bugs known as FalseGuide, Skinner and DressCode. The infection was made possible due to the failure of the Google Play Store security measures. So in light of the Judy Malware spread, "Users cannot rely on the official app stores for their safety, and should implement advanced security protections capable of detecting and blocking zero-day mobile malware," Check Point said on its report.
In a related report, Tech Times outlined some recommendations to keep hackers at bay and prevent malware infection. As Check Point highlighted on its report, user reviews could provide clues on applications that need to be downloaded. In many cases, if problems have been experienced there will be postings to warn other users.
It's also wise to use anti-virus app for mobile protection as the Android OS is frequently targeted by hackers due to its wide database of users. Free protection tools like Avast can be found on the Play Store so there is no need to spend but for extra layer of security, a paid subscription is not bad thing.
Using a VPN or virtual private network will also help, which is especially true when logged in to a public network. And it's a must that users opt for stronger passwords. In this case, putting together alphanumeric combination will make for a digital security key that will be tough to crack.
And most importantly, Android users need to make sure that the mobile OS installed on their devices is the latest version and if not applicable, as the case for many Android handsets and tablet, then at least the devices need to have the latest security patches.
Check Point said Judy applications can also be found on Apple's App Store but as of writing there is no indication the same problem exists in the iOS system.