Apps downloaded onto Android phones from the Google Play Store may have infected up to 36 Million Android devices with malware.
The malware has been dubbed Judy as many of the apps featured a game character by this name. Nearly 50 apps have been found on the App store that contained Judy Code. These have now been removed from the Play Store.
The code sent infected devices to a target web pages where they generate fraudulent clicks on the site’s adverts to make money for its creators.
Te research was carried out by Checkpoint, a security firm. They found that that 40 of the apps were from the South Korean developer, Kiniwini. This developer publishes its games to the Play Store under the name Enistudio.
The same code was found in several other apps made by other developers. Between them, the infected apps are thought to have been downloaded up to as many 36.5 million times.
According to Andrew Smith, a senior lecturer in Networking at the Open University, this kind of attack is becoming common place.
Apps with this kind of code are able to bypass the Play Store protection system as they do not contain the malicious part of Just code. Instead, once downloaded they silently register the infected device on a remote server that sends back the malicious add clicking software.
It becomes difficult for anti-malware software to keep up as the malware distributor can be changed remotely.
Device owners are left with an infected device that display adverts contains within adverts which often cannot be closed unless they have been clicked on.