Millions of Android devices have been infected by a new strain of malware dubbed Judy, which automatically taps on intrusive pop-up adverts on the users smartphone.
The malware was uncovered by cyber security firm Check Point, which found the adware on 41 apps on Google Play developed by a Korean company.
Check Point noted that the malicious apps spread at a heady pace, hitting somewhere between 4.5 million and 18.5 million downloads.
“We also found several apps containing the malware, which were developed by other developers on Google Play,” noted Check Point’s mobile security research team.
“The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly. The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected.”
Check Point alerted Google to the malware and the search giant promptly removed the infected apps. However, the spread of the malware is estimated to have reached between 8.5 and 36.5 million Android users, particularly as some of the apps have lurked on the Play store for several years.
As such, the malvertising campaigns making use of Judy appear to have the potential to be the largest of their kind on Google Play.
While Google may be rapid at tacking down malware ridden apps, Judy serves as another warning that users need to be vigilant on the apps they download and not rely upon just the security of official apps store.
Rather, people should ensure they also have anti-virus software installed on their devices and regularly backup their device so that in case the handset or tablet needs to be wiped to get rid of a virus, there is a copy of the data ready for download from the cloud.
With the upcoming Android O, currently in beta, Google appears to be pushing more security into its mobile operating system which should help to mitigate such malware.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…