What may just be the largest malware campaign in Google Play’s history is named Judy.
Check Point discovered 42 apps on the Google Play Store, all from one developer, which was really malware. The malware is dubbed Judy because many of the apps were games involving the virtual character Judy. The developer is Korea based Kiniwini publishing under the name of ENISTUDIO Corp.
The collected apps have between 4.5 million and 18.5 million downloads from the Google Play Store, although it is unknown how long the malicious code has been present within the apps. Google quickly removed all offending apps from the Play Store once notified. While Check Point has only commented on Kiniwini apps within the Google Play Store, the developer has 45 Judy apps still available within the Apple App Store.