This Android Malware Has Been Downloaded Over 420 Million Times

It’s never interesting to hear about a new batch of Android malware found in the Play Store. It’s even worse when this malware has been downloaded by hundreds of millions of Android users. If you have any of the following 101 apps on your smartphone, you need to uninstall them as soon as possible and possibly run an antivirus scan to download.

How the malicious module “SpinOK” works

According to Bleeping Computer , cybersecurity company Doctor Web has discovered a new Android spy module in the Play Store . This module collects data from files on your device and sends that information to attackers, which is sort of the opposite of the privacy policy you want from apps on your smartphone.

The module is positioned as a marketing SDK, a framework that developers can use to add certain features to their applications. In this case, the SDK, which Doctor Web calls SpinOK, implements mini-games, tasks, and “prizes” in applications to keep users interested. While these activities are taking place on the surface, SpinOK sends information about your device, including your gyroscope and magnetometer, to remote servers. This is to evade security researchers who might be running Android in a sandbox to weed out malware.

SpinOK also bypasses your device’s proxy settings, allowing you to hide its network connections. It can then serve you ads by connecting to its remote server, which runs a wipe on your device’s data, including the list of files on your device, the location of a particular file or directory, stealing a particular file, and even copying or replacing the contents of the clipboard.

SpinOK apps have been downloaded over 420 million times

Research by Doctor Web shows that SpinOK infected 101 apps on the Play Store with over 420 million collective downloads. This poses a huge security risk to Android users around the world. However, the top two apps on this list, Noizz and Zapya, account for nearly half of all those downloads. Doctor Web highlights these and eight other most downloaded applications, as they are most likely to be installed on the smartphone of the average Android user:

  • Noizz: Video editor with music (at least 100,000,000 downloads).
  • Zapya – File Transfer, Share (at least 100,000,000 downloads).
  • VFly: Video editor and video maker (at least 50,000,000 downloads).
  • MVBit – MV video status creator (at least 50,000,000 downloads).
  • Biugo is a video maker and video editor (at least 50,000,000 downloads).
  • Crazy Drop (at least 10,000,000 downloads).
  • Cashzine – Earn cash rewards (at least 10,000,000 downloads).
  • Fizzo Novel – Offline reading (at least 10,000,000 downloads).
  • CashEM: Get rewarded (at least 5,000,000 downloads).
  • Note: Watch to earn (at least 5,000,000 downloads).

How to protect your smartphone from SpinOK

Luckily for future Android users, it looks like Google has removed the vast majority of these apps from the Play Store. The only exception is Zapya, which as of version 6.4.1 no longer contains the malicious SpinOK module. So you won’t be able to download the rest in the future, but it won’t help you if you’ve already installed something on your device.

That’s why it’s important to go through the official list and see if any of these apps are on your device. If so, remove it immediately. (If you have Zapya installed on your device, update it.) Removing the Google app from the Play Store won’t affect the apps installed on your phone, so all you have to do is uninstall it yourself. To be on the safe side, try running an Android antivirus app on your phone to fix any issues left over from malware.

Here are some of the best antivirus apps for Android devices according to PCMag :

More…

Leave a Reply