It’s never fun to hear about a new Android malware attack discovered on the Play Store. It’s even worse when that malware has been downloaded by hundreds of millions of Android users. If you have any of the following 101 apps on your smartphone, you will need to delete them as soon as possible and perhaps run a virus scan to boot.
How the SpinOK malware module works
As reported by Bleeping Computercomputer security company Doctor Web discovered a new android spyware module on play store. This module extracts data from files on your device and sends that information to bad actors, which is kind of the antithesis of the privacy policy you want from apps on your smartphone.
The module purports to be a marketing SDK, a framework that developers can use to add specific functionality to their apps. In this case, the SDK, which Doctor Web calls SpinOK, implements mini-games, activities and rewards in apps to keep users interested. While these actions take place on the surface, SpinOK sends information about your device, including the gyroscope and magnetometer, to remote servers. This is done in an attempt to evade security researchers, who may be running Android in a sandbox environment to eliminate malware.
SpinOK also ignores your device’s proxy settings, which allows it to hide its network connections. It can then serve you ads by connecting to its remote server, which initiates data scraping of your device, including listing files on your device, location of a specific file or directory, stealing a specific file, and even copying or replacing the contents of your clipboard.
SpinOK apps have been downloaded over 420 million times
Doctor Webs research proves it SpinOK has infected 101 apps in the Play Store, with over 420 million collective downloads. This poses a huge security risk for Android users around the world. However, the top two apps on that list, Noizz and Zapya, comprise nearly half of all those downloads. Doctor Web highlights these apps and eight of the other most downloaded ones, as they are the ones most likely to be found on the smartphone of the average Android user:
- Noizz – Video editor with music (at least 100,000,000 downloads).
- Zapya – File transfer, sharing (at least 100,000,000 downloads).
- VFly – Video Editor & Video Maker (50,000,000+ Downloads).
- MVBit – MV Video Status Creator (at least 50,000,000 downloads).
- Biugo – video maker&video editor (at least 50,000,000 downloads).
- Crazy Drop (at least 10,000,000 downloads).
- Cashzine – Earn cash rewards (10,000,000+ downloads).
- Fizzo Romance – Offline reading (at least 10,000,000 downloads).
- CashEM – get rewards (at least 5,000,000 downloads).
- Tick: watch to earn (at least 5,000,000 downloads).
How to protect your smartphone from SpinOK
Luckily for future Android users, it appears that Google has deleted the vast majority of these apps from the Play Store. The only exception is Zapya, which as of version 6.4.1 no longer contains the malicious module SpinOK. Therefore, you can’t download the rest in the future, but that doesn’t help you if you already have one installed on your device.
That’s why it’s important to examine the file official list and see if you have any of these apps on your device. If so, delete it immediately. (If you have Zapya on your device, update it instead.) Google removing an app from the Play Store won’t affect the apps you have on your phone, so the only thing to do is uninstall it yourself. To be safe, try running an android antivirus app on your phone to root out any remaining issues from the malware.
Here are some of the superior antivirus app for android devices, according to PCMag:
#Android #malware #downloaded #million #times