Hot topics

Is your phone at risk of being infected with adware thanks to one of these apps?

AndroidPIT virus 1
© nextpit

Not too long ago, security researchers unmasked several game apps in the Google Play Store that were just a front for insidious adware. At the time, the researches didn't list the relevant apps (which had apparently already infected somewhere between 5 -18 million smartphones), but now we've got a clearer picture of which apps we should avoid or uninstall. Interestingly enough, the majority of apps have a common trait - the name Judy.

Profit-driven malware developers have managed to create their own money printing machine in the Google Play Store, and it's all thanks to a simple update. 41 apps from the Korean developer Kiniwini - which are available in the Play Store under the ENISTUDIO corp brand - were updated with adware code. It's still unclear whether the company did this deliberately or if one of the developers (ab)used their position to insert the code. What is certain thought is that the apps had been available for download for quite some time, and only recently (and almost simultaneously) received the malicious code per update. The oldest updates date back to April 2016, which makes both the scope and duration of the attack unclear.

judy adware play store example
An adware infected app hiding behind a 4.2 star rating / © Checkpoint

The security researchers from Checkpoint were also able to identify the same malware in other third-party apps, increasing the potential spread of infected users up to 36.5 million. In the meantime, all Judy apps have been banned from the Play Store, but if you are using one of the following apps on your device, you should uninstall them now. 

  • Fashion Judy: Snow Queen style
  • Animal Judy: Persian cat care
  • Fashion Judy: Pretty rapper
  • Fashion Judy: Teacher style
  • Animal Judy: Dragon care
  • Chef Judy: Halloween Cookies
  • Fashion Judy: Wedding Party
  • Animal Judy: Teddy Bear care
  • Fashion Judy: Bunny Girl Style
  • Fashion Judy: Frozen Princess
  • Chef Judy: Triangular Kimbap
  • Chef Judy: Udong Maker – Cook
  • Fashion Judy: Uniform style
  • Animal Judy: Rabbit care
  • Fashion Judy: Vampire style
  • Animal Judy: Nine-Tailed Fox
  • Chef Judy: Jelly Maker – Cook
  • Chef Judy: Chicken Maker
  • Animal Judy: Sea otter care
  • Animal Judy: Elephant care
  • Judy’s Happy House
  • Chef Judy: Hotdog Maker – Cook
  • Chef Judy: Birthday Food Maker
  • Fashion Judy: Wedding day
  • Fashion Judy: Waitress style
  • Chef Judy: Character Lunch
  • Chef Judy: Picnic Lunch Maker
  • Animal Judy: Rudolph care
  • Judy’s Hospital:pediatrics
  • Fashion Judy: Country style
  • Animal Judy: Feral Cat care
  • Fashion Judy: Twice Style
  • Fashion Judy: Myth Style
  • Animal Judy: Fennec Fox care
  • Animal Judy: Dog care
  • Fashion Judy: Couple Style
  • Animal Judy: Cat care
  • Fashion Judy: Halloween style
  • Fashion Judy: EXO Style
  • Chef Judy: Dalgona Maker
  • Chef Judy: ServiceStation Food
  • Judy’s Spa Salon
  • 커플디데이 (커플기념일, 위젯)
  • Dog Music (Relax)
  • 카카오톡 대화분석기
  • 황금기 알리미 (여성달력)
  • 100억 가계부
  • KatocPic(카톡픽) – 카톡프로필
  • 필수추천 무료어플 77
  • Spring-It’s stylish, it’s sexy
  • Crafting Guide for Minecraft

The adware managed to secretly bypass "Bouncer" - Google's Play Store protection mechanism. All of the technical details and an overview of the code is explained in a Checkpoint blogpost. What the "infected" app does is quite simple - it loads and clicks visible (and hidden in the background) ad banners. Those banner impressions and clicks then give the adware author a nice boost in illegitimate sales. Another unpleasant side effect is that the original app, which might have been useful in the beginning, now becomes unusable and leaches off your mobile data.

The fact that the apps continued to maintain their strong ratings in the Play Store can also be attributed to the skill of adware creators. Often, users are forced to give five-star ratings in apps in order to continue using them or they are tricked into giving ratings by other means.

Users of Android smartphones are hardly able to defend themselves against such spontaneous attacks. Anti-malware apps can only advise against installing an app, but they do not remove malware or prevent its installation due to system restrictions. Real protection is only done at the kernel level, and this is only happens with the (infrequent) system updates.

Have you been affected by this adware issue? Let us know in the comments below.

 The best smartphones under $400

  Editorial tip Price tip 3rd place 4th place 5th place
Product
Image Google Pixel 6a Product Image Apple iPhone SE (2022) Product Image Samsung Galaxy A53 Product Image OnePlus Nord N20 Product Image Motorola Moto G Stylus 5G (2023) Product Image
Review
Review: Google Pixel 6a
Review: Apple iPhone SE (2022)
Review: Samsung Galaxy A53
Not yet tested
Not yet tested
Price (MSRP)
  • $449.00
  • $429.00
  • $449.99
  • $299.00
  • $399.00
Offer*
Go to comment (3)
Eric Ferrari-Herrmann

Eric Ferrari-Herrmann
Senior Editor

Eric has been with AndroidPIT since 2014. He’s writing articles and reviews for the German website. Topics are mostly privacy and new technology but there's also the occasional piece on environmental sustainability.

View all articles
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
3 comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing

  • Steven Rhods 8
    Steven Rhods Jun 1, 2017 Link to comment

    Thanks for sharing this list. Now I wouldn't going to install any app that has "Judy" in it's name.

    Deactivated Account


  • Tech Mate 6
    Tech Mate Jun 1, 2017 Link to comment

    Finally, only androidpit had the common sense to list the apps.

    Deactivated Account


  • 20
    Reg Joo Jun 1, 2017 Link to comment

    Thanks for listing these apps, heard about this in another article, but no apps were listed.

    Deactivated Account

Write new comment:
All changes will be saved. No drafts are saved when editing