Once installed on a phone, the rogue apps created by a Korean firm generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
Security experts have warned of a major Android malware scam on Google’s Play Store.
Dubbed malware, its uses apps believed to have been downloaded up to 18 million times to infect devices.
Once installed on a phone, the apps generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
Scroll down for video
‚The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads, ‚ said Check Point, the security firm that discovered the malware.
The malware, dubbed ‚Judy‘, is an auto-clicking adware which was found on 41 apps developed by a Korean company.
The company’s name is Kiniwini, and it also appears on the Google Play Store as ENISTUDIO corp, say the researchers.
The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
The malicious apps reached an astonishing spread between 4.5 million and 18.5 million downloads.
‚Some of the apps we discovered resided on Google Play for several years, but all were recently updated, ‚ the team said.
It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown.
Other developers are believed to have used the same code to crete their own versions of the exploit.
‚We also found several apps containing the malware, which were developed by other developers on Google Play.
‚The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly.‘
The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected.
These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users.
After Check Point notified Google about this threat, the apps were swiftly removed from the Play store.
