An adware named Judy has managed to trick the Google Play store security systems

Check Point security experts have recently discovered a widespread malware campaign at the Play store. The malware we are talking about here is called Judy, and it was discovered in 41 applications developed by a Korean company that is not exactly trust worthy.

This type of malware is actually an adware that uses thousands of false clicks on ads to generate revenue.

As host applications became more popular, it is estimated the number of affected devices would have reached about 36.5 million.

Researchers have found that other apps in the store were malware, but the connection between the two revelations is not yet clear. One of the scenarios is the malware has been “borrowed” from some applications.

Some apps are available in the Play Store for years, but have recently received an update that would integrate the adware. However, Check Point’s experts, quoted by, are not sure how old the presence of the malicious code is in the analyzed applications.

In order to get past the Google Play security system, Judy’s creators made an application that seemed right.

Once installed on a phone, the app connects to a control and command server, where it downloads the malware, including JavaScript, and author-controlled links.

Adware then opens the link that mimics a PC browser on a hidden webpage.

After this step, a new redirect was uploading ads from Google Ads, generating false clicks.

The complete list of applications affected by this adware can be found here, and if you have one of them installed on your phone, it is recommended that you delete and scan your phone against viruses.