Remove Judy Malware from Android Devices

This month will two huge malware infection campaigns were discovered and stopped. One of them is the well known WannaCry ransomware that we have talked about in detail previously. And the more recent is the Judy malware that is downloaded by some games in Android. These games could be installed from the Google Play store until a few days ago but now Google has removed them. Despite this, these apps are still available from many other sources on the internet.

All of these game for Android are developed by a South Korean company named ENI Studio Corp. The researchers at Check Point Security discovered that these games once installed, download malicious files related to Judy malware from the internet that opens a small hidden web browser in your Android device, load certain websites in it and use JavaScript  to perform automatic clicking on some parts of the websites.

Since these games were available on Play store for years, Check Point has estimated that the total spread of the Judy malware could have reached between 8.5 to 36.5 million users. If you have kids playing with your Android devices, they could have downloaded these games on these devices. You can check the big list of all the apps that download Judy malware in Android from the Check Point blog at http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/.

Judy Malware for Android

You should also run a scan of your Android device using a good antivirus like Zonealarm Security from Check Point or Bitdefender Antivirus. When we tested, surprisingly some of the antivirus apps for Android could not detect these games as malicious and allowed them to be installed and used. On our Android test smartphone, Bitdefender Antivirus could block the installation and detect it very fast. Perhaps in the coming days all the antivirus vendors will block these malicious apps since they are still available from some unofficial source on the internet.

Leave a Reply

Your email address will not be published. Required fields are marked *