SpinOK spyware infects over 100 Android apps with 421 million downloads, check list

Written By Raunak Jain | Updated: Jun 04, 2023, 08:10 PM IST

The malware was discovered in these apps posing as an advertisement SDK.

Malware attacks have become a common occurrence in our digital landscape. Reports frequently highlight the emergence of new malware strains, as hackers continuously devise innovative methods to target unsuspecting individuals and pilfer their valuable data and finances. However, the gravity of these attacks intensifies when the malware infiltrates our devices through seemingly trustworthy channels. A recent finding by security researchers at Dr. Web, in collaboration with BleepingComputer, has unveiled a disconcerting spyware named 'SpinOK,' which has infected over a hundred applications available for download on the Google Play Store. The sheer magnitude of this revelation is staggering, as the compromised apps collectively boast a staggering 400 million downloads.

Upon investigation, researchers found that this trojan malware cunningly disguises itself as an advertisement Software Development Kit (SDK), masquerading as a legitimate offering by presenting users with enticing minigames accompanied by daily rewards. However, unbeknownst to users, once downloaded, this insidious malware pilfers private data stored on their devices and surreptitiously transmits it to a remote server.

A comprehensive report published by Doctor Web delves into the intricacies of the SpinOK module, highlighting its ostensible purpose of captivating users' attention by incorporating mini-games, a task system, and alluring prize drawings. Superficially, it all appears innocuous, but beneath the surface, a sinister agenda unfolds.

The researchers further disclosed that the infected apps exhibited varying degrees of malicious content. Some retained harmful software, while others contained specific versions of the malware or were altogether removed from the app store. Nevertheless, the staggering download count of 421,290,300 exposes a significant population of Android users to these cyber threats. Although the researchers have dutifully notified Google about this alarming situation, users are strongly advised to exercise caution and refrain from downloading any such compromised applications.

Notably, the report by Dr. Web has furnished a comprehensive list of the 101 infected apps hosting the Android.Spy.SpinOK trojan SDK. Here are the top 10 apps, ranked by their installation count, that harbor this nefarious malware within their code:

1. Noizz: video editor with music (minimum 100,000,000 installations).

2. Zapya - File Transfer, Share (minimum 100,000,000 installations; the trojan module was present in version 6.3.3 to version 6.4 and has been removed in the current version 6.4.1).

3. VFly: video editor&video maker (minimum 50,000,000 installations).

4. MVBit - MV video status maker (minimum 50,000,000 installations).

5. Biugo - video maker&video editor (minimum 50,000,000 installations).

6. Crazy Drop (minimum 10,000,000 installations).

7. Cashzine - Earn money reward (minimum 10,000,000 installations).

8. Fizzo Novel - Reading Offline (minimum 10,000,000 installations).

9. CashEM: Get Rewards (minimum 5,000,000 installations).

10. Tick: watch to earn (minimum 5,000,000 installations).

Although the researchers have promptly reported this issue to Google, resulting in the removal of the infected apps from the Google Play Store, users who have already downloaded these apps are strongly advised to delete them immediately. Furthermore, individuals browsing the app store should ensure that they update Google Play, including the installation of the latest security updates. Employing reputable antivirus software to safeguard their devices against such malicious agents is also highly recommended. In addition, it is crucial to keep devices up to date with the latest system and security updates, as these updates address existing vulnerabilities, bugs, and crashes while enhancing overall device security.

Read more: Apple planning to open 3 more stores in India, check location, timeline