Google Just Uncovered a Massive Ad Fraud Network in Their App Store

Google just located and removed 41 Android apps — all from a single developer — that secretly included malware in each download. The apps used infected Android phones to auto-click on ads, and the number of downloads makes this possibly the largest mobile ad fraud network Google has ever faced.

The malware apps saw between 4.5 million and 18.5 million downloads, as security company Check Point reports. Check Point was able to report the troublemaking apps, and Google has since removed them from their official app store, Google Play.

How It Works

Some of the apps had been around for years, but all were consistently updated, meaning that this malware campaign was a resounding success up until now. Here are the full details from the company that cracked the case:

“The malware, dubbed ‘Judy,’ is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. […]

We also found several apps containing the malware, which were developed by other developers on Google Play. The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly. The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected. These apps also had a large amount of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users. Similar to previous malware which infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communication with its Command and Control server (C&C) for its operation. After Check Point notified Google about this threat, the apps were swiftly removed from the Play store.”

Avoiding Malware Apps

The only way to be sure you’re safe is to opt for downloading only the most well-established professional apps. And given some of Uber’s brushes with the Apple Store’s ethical standards that have recently come to light, maybe even the established apps aren’t safe.

A full list of the 41 malware apps involved in this incident is available over here, for those interested in finding out if their Android phone has been supporting ad scammers for the last few years. Hint: If ‘Judy’ is in the title of an app you downloaded, you’re in trouble.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' was a 2024 Locus Awards finalist. When not working on his next art collection, he's tracking the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals