What is Judy Malware and Is it a Matter of Concern?

Written By Chirag Arora  
Approved By Anuraag Singh 
Published On November 2nd, 2022

Overview of What is Judy Malware

While people have still not recovered from the WannaCry virus, another virus has created tremendous havoc. This new infection, better known as Judy malware, has hit over 36.5 million Android users around the globe. It has been in the news for having infected 35 million Android phones, as reported by Check Point, a company that specializes in the analysis and tracking of malware and viruses infecting smartphones. Judy malware apps are the scariest things found on smartphones today, as the malware actually spreads through Google’s own Play Store. So the big question now is: should we worry about the Judy virus, and is your smartphone safe from it?

What is Judy Malware?

Check Point specialists say that Judy malware is auto-clicking adware that has been found in 41 apps developed by a Korean firm. The malicious code is reported to have been hiding in the app code since April 2016. The worst part is that, since its appearance, the applications that contain Judy have been downloaded by users around 4.5 – 18.5 million times. The number of devices/phones infected by this virus is still undercounted. To minimize the menace of Judy malware, Google has booted the 41 apps that were infected by the virus out of its Play Store.

Consequences After Judy Attacks a Phone:

Since Judy is adware, its sole aim is to make money for its creators, so it generates fake ad clicks after a phone has been infected. The infection occurs after the user downloads one of its applications from the Google Play Store. After infecting a phone, the Judy malware apps connect directly to a command and control (C&C) server run by its makers.

The Check Point researchers stated that the hackers behind the Judy virus build a very genuine-looking bridgehead application to establish a connection with the victim's device. After the victim downloads the malicious application, it stealthily registers receivers that establish a connection with the C&C server. The server then responds with the real malicious payload.

This payload contains JavaScript code, a user-agent string and URLs controlled by the virus creators. The Judy malware opens the URLs using the user agent, which imitates a system browser, in a concealed web page and is redirected to other websites. Once the targeted website is opened, the virus uses the JavaScript code to locate and click on banners from Google's ads infrastructure. Once the ads are clicked, the creator of the Judy malware apps gets payment from the developer of the website, which pays for the unauthorized clicks and traffic.
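The behaviour described above leaves a trace on the network: ad-click requests leaving a handset under a user agent that is not the handset's own. The following is an added example, not code from Check Point or from this article, that looks for that trace in web-proxy logs; the log layout, host names, device inventory and threshold are all assumptions, and the sample log is constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumptions (not from the article): log layout, host names, thresholds.
AD_CLICK_HOSTS = {"ads.example.test"}      # placeholder ad-click endpoint
DEVICE_PLATFORM = {                        # e.g. exported from an MDM inventory
    "phone-a": "Android",
    "phone-b": "Android",
}
MIN_CLICKS = 3                             # mismatched-UA clicks before alerting

# Constructed sample proxy log: device|epoch_seconds|user_agent|url
SAMPLE_LOG = """\
phone-a|0|Dalvik/2.1.0 (Linux; U; Android 6.0)|http://cc.example.test/payload
phone-a|5|Mozilla/5.0 (Windows NT 10.0) Chrome/58.0|http://landing.example.test/p1
phone-a|6|Mozilla/5.0 (Windows NT 10.0) Chrome/58.0|http://ads.example.test/click?id=1
phone-a|9|Mozilla/5.0 (Windows NT 10.0) Chrome/58.0|http://ads.example.test/click?id=2
phone-a|12|Mozilla/5.0 (Windows NT 10.0) Chrome/58.0|http://ads.example.test/click?id=3
phone-b|20|Mozilla/5.0 (Linux; Android 7.0) Chrome/58.0 Mobile|http://news.example.test/
phone-b|95|Mozilla/5.0 (Linux; Android 7.0) Chrome/58.0 Mobile|http://ads.example.test/click?id=9
"""

def parse(line):
    """Split one proxy log line into its four fields."""
    device, ts, ua, url = line.split("|")
    return {"device": device, "ts": int(ts), "ua": ua,
            "host": urlsplit(url).hostname}

def suspicious_devices(log_text):
    """Return {device: [timestamps]} for devices whose ad clicks carry a
    user agent that does not name the platform the device really runs."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse(line)
        platform = DEVICE_PLATFORM.get(rec["device"])
        if platform is None or rec["host"] not in AD_CLICK_HOSTS:
            continue                       # unknown device or not an ad click
        if platform.lower() not in rec["ua"].lower():
            hits[rec["device"]].append(rec["ts"])
    # A single odd request is noise; repeated mismatched clicks are the signal.
    return {d: ts for d, ts in hits.items() if len(ts) >= MIN_CLICKS}

if __name__ == "__main__":
    print(suspicious_devices(SAMPLE_LOG))
```
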

Is Judy Malware a Matter of Concern?

Of course it is. Although Google claims that it frequently scans the Play Store to keep a check on malicious threats and applications, it is evident that in this case Google's Bouncer protection has failed miserably. Thus, one has to be extra careful while downloading any unknown apps from the Play Store.

The Check Point researchers state that the rogue apps containing the Judy virus are claimed to have been removed from Google’s Play Store. However, one still has to be very cautious while downloading any unknown application.

Know if Judy has Invaded your Phone or Not?

The most reliable way to figure out whether Judy malware has infected a device is to check which applications have been installed on it. Unfortunately, there is no software or tool meant for this detection process. If a user has downloaded any of the infected applications, there is a high probability that the phone or device has been compromised by the Judy malware. In this case, the first thing a user should do is format the smartphone as soon as possible. This limits the immediate risk of the device remaining exposed to the malware.

The image shown below is of one of the applications that contains hidden Judy code. This app, once downloaded, is sure to corrupt data and files. Even its name, Chef Judy: Picnic Lunch Maker, indicates the presence of the Judy virus in it.


Few Closing Thoughts

Since its emergence, the Judy virus has taken the world by storm. Viruses have always been a matter of concern because of the devastating effects they carry with them. This Judy malware has reportedly infected over 36.5 million smartphones, and users are still struggling to learn more about what Judy malware is. Therefore, in this write-up, we have tried to sum up all the essential information linked with this virus so as to give users an in-depth insight into the calamity called Judy.
