Malware News Android malware ‘Judy’ hits about 36.5M Phones

[Parsh]

The security firm Checkpoint on Thursday uncovered dozens of Android applications that infected users’ devices with malicious ad-click software. In at least one case, an app bearing the malware was available through the Google Play app store for more than a year.

Fashion Judy: Pretty Rapper Style is one of dozens of Android apps found to infect mobile devices with malware.

The malicious apps primarily included a series of casual cooking and fashion games under the “Judy” brand, a name borrowed for the malware itself. The nefarious nature of the programs went unnoticed in large part, according to Checkpoint, because its malware payload was downloaded from a non-Google server after the programs were installed. The code would then use the infected phone to click on Google ads, generating fraudulent revenue for the attacker.

The infection may have spread even more widely than Checkpoint’s estimates, since not all of the extensive line of “Judy” apps are included on Checkpoint’s tally – it’s missing Fashion Judy: Magic Girl Style and Fashion Judy: Masquerade Style, among others. All installments of the series do appear to have been pulled from Google Play.
The “Judy” apps were published by an apparently Korean entity known as ENISTUDIO. However, iterations of the same attack were found on a handful of apps from other publishers.

This is not the first instance of a malwareinfestation making it through the screening process on Google Play, nor is it the most damaging – Checkpoint did not find any evidence, for instance, that “Judy” compromised data on infected phones. That Judy was able to hide on Google Play for so long highlights the tradeoffs of Android operating system, which is often seen as more open but less secure than Apple’s iOS.

 

[_CyberGhosT_]

Being a non perverted grown man, I have no business playing games of this nature.
That being said, I view my LG device as a Phone, I have very few apps installed, a couple for work, and weather
and that's about it. I may root only long enough to remove the junk apps, and even then I un-root afterwords.
I guess I am just a little old school in that reguard, I see my phone as "a phone" and my PC is for fraggin it up
Cool share Parsh.
PS: oops I forgot to add, I use AdGuard mobile

 

[Parsh]

Being a non perverted grown man, I have no business playing games of this nature.
That being said, I view my LG device as a Phone, I have very few apps installed, a couple for work, and weather
and that's about it. I may root only long enough to remove the junk apps, and even then I un-root afterwords.
I guess I am just a little old school in that reguard, I see my phone as "a phone" and my PC is for fraggin it up
Cool share Parsh.
PS: oops I forgot to add, I use AdGuard mobile

Haha, A big picture got copied here on my phone, from the news source.
Purposeful rooting and then unrooting likse you mentioned is exactly what I've been doing till now
I tried AdClear earlier but the exaggerated descriptions on their site and it being non-Play Store app led me to not trust it fully.
Currently using Adguard only.

 

[mekelek]

i still wonder why people say you don't need an AV on Android cause of Google Play Store when ##### like this happens every week..

 

[Parsh]

i still wonder why people say you don't need an AV on Android cause of Google Play Store when ##### like this happens every week..

Though there's a need for them, a question to ask is how mature are the Android AVs yet?

 

[mekelek]

Though there's a need for them, a question to ask is how matured are the Android AVs yet?

I mean, Norton has machine learning implemented in their Mobile security. I actually switched Kaspersky down for it.

 

[Cohen]

Stuff like this is why I use AFWall for blocking internet-access on all apps unless I allow them access and Adaway for blocking ads system-wide using the hosts file. The rest of my family (the ones who will let me do it at least ) use Adguard because it's less risky and easier for them to use; I can put it on their phones, set it up right and not have to worry about it.

 

[S3cur1ty 3nthu5145t]

Mobile AV's are good for scanning apps, and for webfilters for your mobile browser. As for scanning the mobile system, they are pretty useless as they can only scan so far into the system due to system restrictions.

If you are not sampling every app in Google Play Store, and vet the ones you do want carefully before downloading you will be just fine in that sense, using the mobile browser, well, that is a different case.

As mentioned, Norton has a great app scanner which will scan the app before you download it, telling you if the app uses high data, or is a battery hog, or if it sends your data off to third party. That said, it can be buggy, and will nag you to install other Norton products even if you have the paid version.

I personally like Eset mobile after testing many, it's light, the UI is very responsive, and it has the best SMS/call filter I have seen yet in the play store, as well as a security audit and security report and does not nag me to install anything else and is average on background resource consumption.

 

[mekelek]

Mobile AV's are good for scanning apps, and for webfilters for your mobile browser. As for scanning the mobile system, they are pretty useless as they can only scan so far into the system due to system restrictions.

If you are not sampling every app in Google Play Store, and vet the ones you do want carefully before downloading you will be just fine in that sense, using the mobile browser, well, that is a different case.

As mentioned, Norton has a great app scanner which will scan the app before you download it, telling you if the app uses high data, or is a battery hog, or if it sends your data off to third party. That said, it can be buggy, and will nag you to install other Norton products even if you have the paid version.

I personally like Eset mobile after testing many, it's light, the UI is very responsive, and it has the best SMS/call filter I have seen yet in the play store, as well as a security audit and security report and does not nag me to install anything else and is average on background resource consumption.

ESET bugged out on me on my phone too many times.

Norton hasn't nagged me once about stuff like that.. Norton just has so many more features compared to all the other security suites on mobile. It can protect almost every browser too, not just Chrome.

Adaway rooted + Ublock origin added to Firefox and i'm golden. (yes, you can add extensions to Firefox on android, i was shocked too, works perfectly fine too.)

 

[S3cur1ty 3nthu5145t]

ESET bugged out on me on my phone too many times.

Norton hasn't nagged me once about stuff like that.. Norton just has so many more features compared to all the other security suites on mobile. It can protect almost every browser too, not just Chrome.

Adaway rooted + Ublock origin added to Firefox and i'm golden. (yes, you can add extensions to Firefox on android, i was shocked too, works perfectly fine too.)

Norton has not nagged you to install it's app lock application or Wi-Fi privacy ect, if it has not, it is because you have these apps, or you just switched. I used these apps for months, and even tried to get Norton to adjust issues with them, but after some time I gave up, because that huge fortune 500 company does not care about it customers, it is evident in their support forum.

As for Eset, I have not had one issue with it, it sits in the background silently.

 

[Nikos751]

I use disconnect pro for Samsung which uses samsung knox technology (firewall) to block ads & trackers universally. It's not a vpn so it does not cause battery drain or other issues. it's available on galaxy apps for free once in a while, otherwise it's quite expensive.
..At least the damage caused by Judy is not a big deal..

 

[Nikos751]

Being a non perverted grown man, I have no business playing games of this nature.
That being said, I view my LG device as a Phone, I have very few apps installed, a couple for work, and weather
and that's about it. I may root only long enough to remove the junk apps, and even then I un-root afterwords.
I guess I am just a little old school in that reguard, I see my phone as "a phone" and my PC is for fraggin it up
Cool share Parsh.
PS: oops I forgot to add, I use AdGuard mobile

That's a mature attitude, bravo! I think it's good for all of us to prioritize basic reliability for our devices no matter what that means (buying reliable devices, watch out for malicious-bad apps & install only what's needed; the phone is not a playground)

 

[mekelek]

Norton has not nagged you to install it's app lock application or Wi-Fi privacy ect, if it has not, it is because you have these apps, or you just switched. I used these apps for months, and even tried to get Norton to adjust issues with them, but after some time I gave up, because that huge fortune 500 company does not care about it customers, it is evident in their support forum.

As for Eset, I have not had one issue with it, it sits in the background silently.

ESET's anti-theft modules are bugged as hell, once i replaced my SIM card and couldn't unlock ESET cause the non-default keyboard didn't pop up(ESET blocked it), had to wipe it off from recovery mode to gain access to it. It also randomly crashed a few times.

I plan to buy Norton anyways, if it will start nagging me about their other products, i will get back to you, so far it hasn't.

 

[S3cur1ty 3nthu5145t]

ESET's anti-theft modules are bugged as hell, once i replaced my SIM card and couldn't unlock ESET cause the non-default keyboard didn't pop up(ESET blocked it), had to wipe it off from recovery mode to gain access to it. It also randomly crashed a few times.

I plan to buy Norton anyways, if it will start nagging me about their other products, i will get back to you, so far it hasn't.

Restarting the phone or using your buddies number that during set up is asked for as a last effort to verify yourself did not unlock it?

I have a friend using Eset also , he has my number listed for this, locked himself out, and could not get back in, we had them verify on my end, and it was unlocked, worked as it should.

 

[mekelek]

Restarting the phone or using your buddies number that during set up is asked for as a last effort to verify yourself did not unlock it?

I have a friend using Eset also , he has my number listed for this, locked himself out, and could not get back in, we had them verify on my end, and it was unlocked, worked as it should.

wasn't in my mind that time.

 

[Weebarra]

Being a non perverted grown man, I have no business playing games of this nature.
That being said, I view my LG device as a Phone, I have very few apps installed, a couple for work, and weather
and that's about it. I may root only long enough to remove the junk apps, and even then I un-root afterwords.
I guess I am just a little old school in that reguard, I see my phone as "a phone" and my PC is for fraggin it up
Cool share Parsh.
PS: oops I forgot to add, I use AdGuard mobile

methinks the man doth protest too much, lol.

 

[hirudora56]

Generally my phone has some social apps, some work related apps like an office suite, onedrive & a few custom apps. Other than that I use AdAway with custom host list. I rarely see any ads in apps, even in notorious apps like Clean master. (Don;t use it though)

 

[_CyberGhosT_]

methinks the man doth protest too much, lol.

Such is a relevant man I doth think lol

 

[DJ Panda]

I don't use any sort of VPN, AV, or adblocker on my phone. Too old, I also don't put sensitive data on it.

 

[aragornnnn]

The mighty three i use are Adguard, Kaspersky and some sort of weather app