Auto-clicking Judy malware detected after years of Google Play-downloaded nefarious activity

They say Android is a substantially less secure mobile operating system than iOS, although not everyone agrees, with most viruses and widespread malware campaigns on your phones originating in dubious places around the web that are often simply outside of Google’s jurisdiction.

But while the search giant can forgo all responsibility regarding apps you choose to sideload from shady websites and developers, when it comes to Play Store-published titles an extreme vetting process should always keep you out of harm’s way.

Unfortunately, that wasn’t the case for a whopping 41 apps created by a Korean software company going by two names for a totally unsuspicious reason, we’re sure. ENISTUDIO corp., aka Kiniwini, may have directly and indirectly infected up to 36.5 million devices (!) over the past few years (!!!), before Check Point security researchers discovered and reported the issue and its seemingly “astonishing spread” to Google.

All malicious apps, including several Fashion Judy iterations, a whole bunch of Chef Judy installments and an extensive Animal Judy series, were “swiftly removed from the Play Store”, though “swift” sounds like a major overstatement considering the hack’s long, previously undetected history.

Affectionately dubbed Judy for obvious reasons, the “auto-clicking adware” thankfully didn’t swipe any financial information or sensitive, personal data from unsuspecting users. It wasn’t that bad of a security breach, but it still probably made its authors a boatload of illicit money from “large amounts of fraudulent clicks on advertisements.”

Basically, all those Judy apps, as well as a few more not actually developed by Kiniwini, which may have knowingly or unknowingly borrowed tainted code, accessed various “banners from the Google ads infrastructure” in the background without your consent or knowledge.

They also occasionally displayed a “large amount” of ads that left users with “no option but clicking on the ad itself”, and manipulated Play Store ratings to inspire trust. Bizarrely enough, their iOS equivalents are still standing, which either also makes Apple look bad or Google way worse than we imagined.

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Adrian Diaconescu
Adrian has had an insatiable passion for writing since he was in school and found himself writing philosophical essays about the meaning of life and the differences between light and dark beer. Later, he realized this was pretty much his only marketable skill, so he first created a personal blog (in Romanian) and then discovered his true calling, which is writing about all things tech (in English).