Beware! Malware found in 101 Android Apps; Delete these apps

Representational image

Representational image


The new Trojan malware SpinOk was detected in 101 apps on the Google Play Store. The malware was found disguised as an advertising SDK in these apps.

Malware attacks are not new. We often see reports of new malware circulating online as hackers try new ways to attack people and steal their data and money. However, these malware attacks are more problematic when they reach our devices via trusted sources. For example, researchers have detected a new malware that infected over 100 apps in the Google Play Store.

Dr Web security researchers, in collaboration with BleepingComputer, recently identified a new spyware called 'SpinOK' that has infected over 100 applications available for download on the Google Play Store. This discovery is particularly alarming because these compromised apps have had a staggering total of over 400 million downloads.

Researchers have discovered that this Trojan malware is disguised as an advertising SDK and appears legitimate by offering mini-games with daily rewards to attract users. However, once downloaded, the malware steals private data stored on users' devices and sends it to a remote server.

"At first glance, the SpinOk module is designed to maintain users' interest in the applications with the help of mini-games, a task system, and supposed prizes and reward draws," reveals the Doctor Web report.

The report further reveals that the infected apps had different levels of malicious content, some still contained malware, and some had specific versions or were removed from the store entirely. However, these apps have been downloaded 421,290,300 times, putting many Android users at risk of cyber threats. While the researchers have alerted Google about it, users are also asked to take precautions and avoid downloading such apps.

Applications affected by Trojan malware

The Dr Web report has also revealed the names of all 101 applications infected with the Android.Spy.SpinOk SDK Trojan. Here is the list of the top 10 apps that contain this malware and have the most downloads on the app store.

Biugo - video maker&video editor (at least 50,000,000 installations).

Crazy Drop (around 10,000,000 installations).

Cashzine - Earn money reward (at least 10,000,000 installations).

CashEM: Get Rewards (at least 5,000,000 installations).

Fizzo Novel - Reading Offline (at least 10,000,000 installations).

MVBit - MV video status maker (at least 50,000,000 installations).

Noizz: video editor with music (at least 100,000,000 installations).

Tick: watch to earn (at least 5,000,000 installations).

VFly: video editor&video maker (at least 50,000,000 installations).

Zapya - File Transfer, Share (at least 100,000,000 installations; the trojan module was present in version 6.3.3 to version 6.4 and is no longer present in current version 6.4.1).

Although the researchers have reported the issue to Google, the apps have been deleted from Google Play. Still, users are asked to remove these apps if they have already downloaded them. Also, if they see these apps in the app store, they are encouraged to update Google Play, including security updates.

Show Full Article
Print Article
Next Story
More Stories