What Is Judy The Malware and How Does It Operate
Checkpoint online
forensic researchers have discovered a malware that attacks android phones and
it’s name is Judy. The malware has hit millions of Android phone users last May
2017. The malware named Judy was found in at least forty one apps that had the
Judy name on it. Checkpoint had told Google about it. As of my knowledge Google
has removed these apps and they have added security measures like Play Protect.
As Android phone users we must know how
to protect ourselves. This is why you must update your security patches. This malware
originated from the app called “Judy the chef.” It was designed to be an auto -
clicking adware that infects android phone devices so that it can generate a
huge amount of fraudulent clicks on advertisements so that it can produce a big
revenue for the perpetrators that are
bound to gain from it. If you have been
infected by tis malware there is no way to fix it except by reformatting your android phone.
The malware named
Judy works upon downloading the app and it quietly registers a receiver that
makes a connection with the common and control server. The server will respond by
using a malicious payload that has a dubious javascript code, a user - agent string
and URL’s that are managed by the author of this malware. The malware will gain
access to the URLs through the user agent that mimics a PC browser that is well
concealed in a hidden webpage and then it is diverted to a particular website. When
that particular website is put in motion, the malware will use the javascript
code to locate and start clicking on the banners coming from Google ads. When
the ads are clicked, the author of the malware will begin receiving payments
from the website developer. The javascript
code finds the intended ads by looking for iframes which incorporates ads
coming from Google.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home