Google recently eliminated over 40 mobile apps from its Play Store following a report by Check Point researchers who discovered malware hidden within these apps. Dubbed ‘Judy’, the malware was of the auto-clicking kind and was used to infect devices to create fraudulent clicks on ads to generate revenue. The apps reached between 4.5 million and 18.5 million downloads.
According to Check Point, the malicious apps had been developed by South Korean firm Kiniwini, registered as ENISTUDIO corp. on the Play Store. A malware code was then added secretly post-install of the app to make it non-detectable to Google’s Bouncer security scanner.
The software security firm estimates that around $300,000 were generated per month for the developer from the fraudulent activity.
App advertising fraud has been a growing issue as the market is becoming more saturated and more sophisticated fraudulent technologies are being created. According to ClicksMob research, gaming apps claimed 39% of the total fraud attempts as measured by the company’s Fraud Fighter technology.