JUDY Ransomware infects 36.5 million Android Phones


A new ransomware variant called JUDY developed by a Korean firm is on the prowl and is said to have infected around 36.5 million Android Phones operating around the globe, says a research carried out by security solutions provider Check Point.

The said malware which has a split personality is capable of not only holding data for ransom but is also well efficient in generating large amounts of fraudulent clicks on advertisements, generating revenue to black hat marketers.

Check Point claims that the total spread of the malware campaign on Google Play- the official app store for Android users, is said to be between 30.8 million to 36.5 million.

The California-based company says that the malware is basically an adware, but can also transform into ransomware with just a few tweaks by remote hackers.The research confirms that the Korean company which developed JUDY has also crafted 41 such malicious apps which are now hiding in some form in the play store.

However, the research made by the company fails to disclose the countries which have been impacted by the Judy malware launched last year.

The malware is a silent killer says Check Point and the apps discovered by the researchers were hiding on Google Play store for several years. When the hackers/developers decided to update the apps did the researchers or the world came to know of their presence.

Google was officially informed about JUDY malware last month and the web services giant acted swiftly and removed the apps spreading the malware from its play store.

But Check Point says that the damage is done and can only be known when the developers of this malware start doing something devastating like WannaCry ransomware.

The researchers from Check Point say that the developers of JUDY might be in a tie-up with some black hat marketing companies operating from Africa, Russia, China, Singapore and South Asia. The company estimates that by now, the hackers might have generated millions in revenue through the adware.

However, the company specifically notifies us that reports of ransom demand have not been reported by JUDY victims so far. Means, we can hear the bad news anytime soon.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display