Over 36.5 million Android devices may have been infected with a newly discovered piece of malware that generated fraudulent ad revenue for its creators. The malicious code was spotted in in 41 apps developed by a Korean company named Kiniwini and registered on Google Play as ENISTUDIO Corp., which produces a series of casual cooking and fashion games under the “Judy” brand.
According to CheckPoint Security, most of these apps have been on the Play Store for a long time but they were all recently updated so it’s unclear as to when the malicious code was added. In order to circumvent Google Play’s Protection, the hackers only downloaded the actual malicious payload after the app had been installed by connecting to a C&C server (Command and Control).
Google has removed the apps after being notified by CheckPoint but you can find the complete list of the affected apps here, and of course, if any of them are on your phone you should uninstall right away.