- Security researchers at Dr. Web discovered the trojan software.
- The software has the ability to send sensitive data to distant servers after stealing it from the victim’s device.
- Over 400 million people have downloaded the malicious programmes.
By Divya Bhati: Attacks by malware are not new. As hackers experiment with new methods to target people and steal their data and money, we frequently come across tales of new malware floating on the internet. These virus attacks are more worrisome, though, when they are able to access our devices via reputable sites. For instance, the Google Play Store includes more than 100 apps compromised by a new malware that experts have discovered.
‘SpinOK’, a new spyware that has infected over 100 applications available for download on the Google Play Store, has recently been discovered by security experts at Dr. Web working with BleepingComputer. The fact that these hacked apps have had an astounding total of over 400 million downloads makes this discovery particularly worrying.
Researchers have found that this trojan software fools users into believing it is legitimate by disguising itself as an advertisement SDK and delivering minigames with daily incentives. However, after being downloaded, the malware captures users’ personal information from their devices and sends it to a distant location. According to the analysis by Doctor Web, the SpinOk module appears to be made to keep users interested in apps by utilising mini-games, a system of duties, and purported awards and reward systems.
The research also shows that the infected apps had varying degrees of malicious content, with some still having hazardous malware while others only having it in certain versions or having been completely removed from the store. However, given that these apps have been downloaded 421,290,300 times, a sizeable portion of Android users are at risk from cyberattack. While Google has been informed by the researchers, users are urged to exercise caution and avoid downloading any such apps.
Apps Affected By Trojan Malware
The names of every one of the 101 Android-infected apps have also been made public by the Dr. Web study.trojan horse Spy.SpinOk SDK. Here is a list of the top 10 apps with this malware that have received the most app store downloads.
- Noizz is a music-infused video editor with at least 100,000,000 downloads.
- The trojan module was included in versions 6.3.3 to 6.4 but is no longer present in the most recent version, 6.4.1, of Zapya – File Transfer, Share (at least 100,000,000 installations).
- VFly is a video editor and creator (At least 50,000,000 installations).
- MVBit is an application that creates MV videos (at least 50,000,000 installations).
- Video creator and editor Biugo has at least 50,000,000 installations.
- Crazy Drop (at least ten million downloads).
- Earn cash rewards with Cashzine (needs at least 10,000,000 installations).
- Fizzo Novel – Reading Offline (At least 10,000,000 installations).
- Get Rewards with CashEM (minimum 5,000,000 installations).
- Tick: watch to earn (At least 5,000,000 installations).
Here is a complete list of Android apps that have been affected.The malware Spy.SpinOk trojan:
Users are urged to delete these apps if they have already downloaded them, even though Google was informed of the problem by the researchers and the apps were taken down from Google Play. Additionally, they are encouraged to update Google Play, including security updates, if they notice these apps on the app store.
Additionally, using antivirus software to safeguard your device from any such harmful malicious agents is strongly advised. As these updates include bug fixes and increased security while addressing current concerns, such as glitches and crashes, they should also be applied to your device on a regular basis.