Severity scale:  

Remove Judy virus (Free Guide) - Tutorial

removal by Olivia Morelli - - | Type: Malware

Judy – Android malware that uses affected devices for generating pay-per-click revenue

The image of Judy

Judy is adware program that has been widely distributed on Google Play store. Malware may have affected more than 35 million Android users. The purpose of the adware is to generate advertising-based revenue.

Malware employed a two-stage attack vector that allowed to bypass Google’s security. In this way, 41 applications, such as Jeff Judy: Picnic Lunch Maker, Fashion Judy, Magic Girl Style and Fashion Judy, Masquerade Style, and others, were added in Google Play store without being detected. However, once users installed one of the malicious apps, the malicious payload was downloaded from the another server.

After the installation Judy virus connects to its Command and Control (C&C) server. It responds with malware payload that consists of three main components: JavaScript code, user agent string, and particular URLs. With the help of them, malware connects the affected device to an adware server and starts working as a browser: by opening particular pages it generates advertising-based revenue.

The security firm Check Point detected that malicious applications were created by Kiniwin – the Korean company that develops mobile apps for Android and iOS systems. Meanwhile, on the Google Play shady developers were registered as ENISTUDIO corp. However, several infected apps were developed by other developers. The relationships between creators are unknown.

Surprisingly, malicious applications have been available on Google Play for a while. Some of them were available since 2016. However, recently, they were updated.[1] What is more, they had high rates, and it may have tricked millions of users. However, relying only on user’s evaluation is not enough. Hackers may create dozens of fake reviews in order to make a good image of the app. Therefore, if you have been tricked and installed a malicious program, you should not hesitate and focus on Judy removal.

The picture of Judy virus
Judy is a malware that already infected more than 35 million Android users.

Apart from using affected devices for generating pay-per-click revenue illegally, Judy also displayed tons of aggressive ads. They may have shown up as pop-ups or cover the whole device’s screen. Some of them did not have a close button and forced users to click them in order to use their smartphones normally again.

Google was informed about malicious apps, and they were removed immediately. However, people should check the list of installed programs and make sure that Judy hasn’t been installed on their smartphones or tablets. The full list of applications is disclosed in Check Point’s blog post.[2]

If malware ended up on your device, you should run a full system scan with a mobile-friendly security program, such as Reimage Reimage Cleaner Intego. It helps to remove Judy and keep your phone protected from other cyber threats in the future.

Malware has been spreading as an obfuscated app

Judy has been distributed via 41 different application on Google Play App store. Nevertheless, all these applications were detected and eliminated; you should be aware of this sneaky distribution technique in order to avoid similar attacks. Before installing new applications to your phone, always read users review online and learn more about the developer. As you can see, trusting reviews only on Google Play may not be enough.

However, malware might also be distributed on unauthorized sites that offer to download various applications. It goes without saying that you should stay away from these sources. Installing apps from here may lead to even bigger problems than Judy hijack.

Eliminating Judy malware from Android device

In order to remove Judy from the device, you should uninstall a malicious app from your smartphone or tablet. Got to Settings and access Apps (or Application manager) and in the appeared list find malicious apps. Uninstall them just like regular programs.

However, malware may have installed additional components on the device. Thus, we highly recommend opting for automatic Judy removal option. It requires scanning the device with a reputable anti-malware program, such as Reimage Reimage Cleaner Intego. Your chosen software not only deletes adware but protects your device from similar threats in the future. 

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions


Your opinion regarding Judy virus