Up to 36.5 million Android devices may have been infected with a newly discovered piece of malware that generated fraudulent ad revenue for its creators. The malicious code was spotted in in 41 apps developed by a Korean company named Kiniwini and registered on Google Play as ENISTUDIO Corp., which produces a series of casual cooking and fashion games under the “Judy” brand.
According to CheckPoint Security, most of these apps have been on the Play Store for a long time but they were all recently updated so it’s unclear as to when the malicious code was added.
Although this is potentially the most widely-spread malware yet found on Google Play, it isn’t the first nor the most damaging. CheckPoint says it did not find any evidence of compromised user data.
Google has removed the apps after being notified by CheckPoint but you can find the complete list of the affected apps here, and of course, if any of them are on your phone you should uninstall right away.