Skip to Content

36 million phones infected by stealthy malware

Update 5/31/2017: After learning about the malicious apps in the list below, Google removed them from the Play Store. If you, or anyone you know previously downloaded any of them, make sure to follow the instructions below to remove permissions and delete the apps from all gadgets.

One of the reasons that we love our smartphones is the ability to download several of the millions of available apps. These apps turn what otherwise would be just a phone into a multi-purpose device. We can use them to play games, video chat with friends who live thousands of miles away, connect with people through social media and so much more.

Typically it’s safer to download apps from the official app stores than from a third-party vendor. However, a malware campaign was recently discovered in an official app store that has infected millions of gadgets and you or a loved one might be affected.

Which apps are infecting gadgets with malware?

Researchers at Check Point recently discovered the malware scam on Google’s Play Store. The malware dubbed “Judy” has been hiding behind the scenes on 41 specific apps that have been available in the Play Store for years, so it’s unclear how long they have been infecting gadgets.

The malicious apps were developed by the Korean company, Kiniwini, listed in the Play Store as ENISTUDIO corp. The impacted apps have been downloaded millions of times and may have been spread to over 36 million users.

How the scam works is, the user downloads an app from the Play Store and at that point, it’s not malicious. But once the user opens the app, it connects to its Command and Control server (C&C) and installs the malicious code.

The app then works behind the scenes as a moneymaker for the person behind the scam. It makes money by clicking on ads without the users’ knowledge, bringing in millions of dollars for the scammers.

If your gadget is infected with adware, you most likely won’t notice. It is possible that the adware is slowing your device or causing the battery to die faster though.

It appears that most of these impacted apps are games or ones that children would have downloaded. So it’s a good idea to share this article with family and friends who have kids.

Here is a list of the affected apps:

  • Animal Judy: Rudolph care
  • Animal Judy: Fennec Fox care
  • Animal Judy: Dog care
  • Animal Judy: Cat care
  • Animal Judy: Persian cat care
  • Animal Judy: Dragon care
  • Animal Judy: Teddy Bear care
  • Animal Judy: Rabbit care
  • Animal Judy: Nine-Tailed Fox
  • Animal Judy: Sea otter care
  • Animal Judy: Elephant care
  • Animal Judy: Feral Cat care
  • Chef Judy: Character Lunch
  • Chef Judy: Picnic Lunch Maker
  • Chef Judy: Dalgona Maker
  • Chef Judy: Service Station Food
  • Chef Judy: Hotdog Maker – Cook
  • Chef Judy: Birthday Food Maker
  • Chef Judy: Halloween Cookies
  • Chef Judy: Triangular Kimbap
  • Chef Judy: Udong Maker – Cook
  • Chef Judy: Jelly Maker – Cook
  • Chef Judy: Chicken Maker
  • Fashion Judy: Wedding day
  • Fashion Judy: Waitress style
  • Fashion Judy: Country style
  • Fashion Judy: Myth Style
  • Fashion Judy: Couple Style
  • Fashion Judy: Halloween Style
  • Fashion Judy: EXO Style
  • Fashion Judy: Snow Queen style
  • Fashion Judy: Pretty rapper
  • Fashion Judy: Teacher style
  • Fashion Judy: Wedding Party
  • Fashion Judy: Bunny Girl Style
  • Fashion Judy: Frozen Princess
  • Fashion Judy: Uniform style
  • Fashion Judy: Vampire style
  • Judy’s Happy House
  • Judy’s Hospital: Pediatrics
  • Judy’s Spa Salon

What you need to do immediately

If you or anyone you know has downloaded one of the affected apps on the list, you need to delete the app from your gadget. However, if you gave the app certain permissions, you need to revoke those permissions first.

To revoke permissions to apps, visit your Google account settings page. From there, click on “Connected apps & sites” under “Sign-in & Security.” On the next page, click “Manage Apps” and you will see a list of your connected apps and their access level. Just click on all affected apps and select “Remove.”

Once you have revoked permissions from the affected apps, it’s safe to delete the apps from your gadget. They will no longer be clicking ads in the background and your device will be good to go.

More stories you can’t miss:

5 ways to test your computer’s security

Keep criminals off your Wi-Fi with ease

New security flaw leaves door wide open for another global ransomware attack

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started