Android users, check your app collection. Some of them may contain malware. A recent report shows 92 Android-specific apps with over 30 million downloads host a dangerous SpinOk malware and spyware component.
“Leveraging our mobile app chain security tools, we began examining the situation and were alarmed to find that this malicious spyware, masquerading as an advertisement for SDK, had infiltrated numerous apps in Google Play Store.”
This is in addition to more than 193 Android apps already found to have SpinOk malware as part of a software development kit for advertisers originally found by Doctor Web. CloudSEK SVigil reports that 43 of these apps are still available in the Google Play Store, toting over 5 million downloads.
“This indicates a wider compromise within the Play Store ecosystem, leaving a larger user base susceptible to potential privacy branches and data exfiltrations. The magnitude of the situation becomes apparent when we consider the collective user base of approximately 30 million individuals impacted by these compromised apps”
SpinOk can run in the background, unbeknownst to device users. It has the capability to upload files from an infected smartphone, copy or replace content from the clipboard, search through users’ files and directories, and other dangerous activities.
Essentially, SpinOk can use “file exfiltration functionality” to access and share users’ private information with third parties, along with videos, images, and any documents stored on the device. This malware can even be used to aid hackers in stealing credit card information and snagging your passwords.
The top apps CloudSEK strongly recommends deleting are:
- HexaPop Link
- Macaron Match
- Macaron Boom
- Jelly Connect
- Tiler Master
- Crazy Magic Ball
- Bitcoin Master
- Happy
- Mega Win Slots
The full list of malware-infested apps can be found here. This list will be updated as security measures are put into place for some apps, making them safe for use again. There will likely be additional apps identified as having SpinOK malware stealthfully hidden within.
This isn’t to say the apps intentionally included the spyware, just that it’s there now so best to avoid it for the time being. When downloading a new app, be sure to check into it first. Look at user reviews and its overall ranking, which can be indicative of the malware’s presence.
In addition to removing the infected apps on the abovementioned list, clear out any apps you’re no longer using. They just take up space and could potentially be swiping your data despite being abandoned.