SECURITY

This Android Malware Has Been Downloaded More Than 420 Million Time

6.52KViews

It’s not fun to hear about new Android malware that has been discovered in the Play Store. Even worse, when the malware has been downloaded by millions Android users. You should delete any of these 101 apps from your smartphone and run a full antivirus scan.

The “SpinOK malware module” works

According to Bleeping computer, the cybersecurity company Doctor Web has discovered a new Android spy module in the Play Store. This module scrapes information from your files and sends it back to the bad actors.

The module is marketed as a marketing SDK. It’s a framework that developers can use to integrate specific functionality into their apps. The SDK that Doctor Web calls SpinOK implements mini-games, tasks and “prizes”, in order to keep the users interested. SpinOK sends your device data, such as your magnetometer and gyroscope, to remote servers while these actions appear. This is to avoid security researchers who may be running Android within a sandboxed system to remove malware.

SpinOK can also hide its network connection by bypassing your device’s proxy setting. The connection to its remote servers allows it to serve you ads, as well as scrape your device data. This includes listing your files, finding the location of specific files or directories, stealing specific files, or even copying and replacing the contents of the clipboard.

Over 420,000,000 SpinOK apps were downloaded

Doctor Web’s analysis shows that SpinOK infected 101 Android apps on the Play Store with over 420,000,000 downloads. This poses a serious security threat to Android users worldwide. The top two apps, Noizz, and Zapya account for almost half of those downloads. Doctor Web has highlighted these apps, along with eight others that are also highly downloaded. These apps are most likely to appear on an Android smartphone.

  • Noizz: Video editor with music (at minimum 100,000,000 downloads).
  • Zapya File Transfer and Share (at least 10,000,000 downloads).
  • VFly: Video Editor&Video Maker (at least 50,000,000 Downloads).
  • MVBit – MV video status maker. (at least 50,000,000 Downloads).
  • Download Biugo, a video editor and maker (at least 50,000,000).
  • Crazy Drop (at minimum 10,000,000 downloads)
  • Cashzine: Earn money rewards (at least 10,000,000 Downloads).
  • Fizzo Novel: Read Offline (at minimum 10,000,000 downloads).
  • CashEM: Earn Rewards for Downloading at least 5,000,000 Apps.
  • Watch to Earn (minimum 5,000,000 Downloads)

SpinOK: How to protect your phone from it

Google appears to have removed the vast majority these apps from its Play Store. Zapya is the only app that has not been affected. Version 6.4.1 of Zapya does not contain SpinOK. You can no longer download any of the remaining versions, but you’re still stuck with those you’ve already installed.

It’s therefore important to check the list on your device and see if any of these apps are installed. If you have it, remove it right away. If you already have Zapya installed, please update it. Google removing the app from the Play Store will not affect the apps on your phone. You can uninstall the app yourself. To be on the safe side, run an Android antivirus application to remove any malware left behind.

Here are a few of the top antivirus apps for Android devices, according to PCMag :

  • Bitdefender is the best choice for comprehensive protection.
  • McAfee is the best choice for households with multiple devices.
  • Avast Premium Security Best for Windows and Android households:

 

Kami Whiting
the authorKami Whiting

Leave a Reply