Judy is an automated clicking malware that has infected between 8 and 37 million users. Check Point, a security solutions provider, is unsure of the extent of malware infection. Nor is it entirely clear which countries have been infected.

“Some of the apps (that were infected) we discovered resided on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown,” Check Point added further.

The malware generates revenue for the perpetrators by automating large amounts of clicks on advertisements. The Android user is unaware of these automated clicks.

Check Point notified Google of the 41 infected apps, which were promptly removed from the Google Play store.

Judy arrived on the heels of the WannaCry attacks that focused on outdated versions of Windows, locking users out of their computers and holding their files and details for ransom. The US, Russia, the UK, and India were all targeted by this malicious software.