Silent Yet Malicious JUDY Adware: An Insight And Safety Measures

As the world is recovering from the WannaCry attack, it’s barely two weeks as JUDY, an Adware hits Android OS affecting over 36.5 million devices. The most noteworthy point, it even outsmarted the security scanner Google Bouncer. So it’s important to know how to protect Android devices from JUDY Adware.

Modus Operandi of JUDY Adware

Probably everyone knows how Adware operates by generating fraudulent clicks through an unsuspecting user. JUDY is no exception.

JUDY spreads through what may seem as funny Gaming apps (clever isn’t it.? targeting maximum users to generate clicks).

There are 41 such fraudulent Apps, which are developed by ENIStudio, a Korean Game developing firm, and these Apps hosts the Adware.

Upon thorough security check, it was found that this Adware silently existed in the Play-Store since early 2016. (36.5 million victims now makes sense!!)

An Organised approach to Carryout the Adware Heist

It starts with-

• A user downloading a malicious App which silently registers a receiver.
• The receiver connects to the Command & Control Server.
• The server sends a payload consisting of Javascript codes, a user-agent string, and URLs controlled by the hacker.
• User Agent opens the URL only to open a target website.
• Then JavaScript code executes to generate an illegal click on banners from the Google Ads.
• Upon clicking the Ads, the hackers receives payment from the website developer.

At the user end, JUDY usually displays Ads over the App and confused user eventually ends up clicking it.

So, now you must be worrying about how to protect Android devices from JUDY Adware! Well, stay assured as Google has removed all the malicious Apps from Playstore, that hosted JUDY Adware.

Yet there are 3rd party platforms where these malicious Apps might still be available, so JUDY still poses a threat. Furthermore, it is not stealing data or crippling your device, yet it is carrying out fraudulent activities through your device.This itself is a criminal offense.

How To  Protect Android Devices from JUDY Adware

• Use an efficient Anti-Virus such as BitDefender which scans each App for possible malware/adware before downloading.
• Keep your device updated with the latest version of Apps.
• Update security patches regularly.
• Use VPN while using a public network.
• Carefully read the most recent reviews before downloading an App.
• If you feel an App is asking permission to access something which is unrelated to the          App’s functionality, then do not install the App.
• Use only encrypted apps. Recently, Whatsapp including several apps brought encryption.
• Download apps from only trusted sources like AndroidSage.
• Don’t go by the popularity/most no of downloads, judge over how secure the App is.
• If you notice suspicious users complaining about the unusual behavior of an                           App, then don’t  download it.