News

SpinOK Android malware found in apps with 30 million installs

Security Parrot Editorial Team

SpinOk Malware Found in Another Batch of Apps on Google Play

Last week, it was reported that SpinOk malware had infiltrated Google Play, and the apps infected by it were downloaded more than 421 million times in total. Now, experts have identified a new batch of applications with this malware, which have been installed another 30 million times.
SpinOK was first discovered by Doctor Web analysts. They said that the malware is distributed under the guise of a marketing SDK, and has infected many applications in this way. The developers of these applications most likely used the malicious SDK, considering it to be a regular ad library and unaware of the malicious functions.

What Does SpinOk Do?

The malware is designed to keep users in apps through mini-games, task systems, and ostensibly prize draws. In reality, it has spy functions: it collects information about files stored on devices in the background, can transfer them to attackers, and is also capable of replacing and uploading the contents of the clipboard to a remote server.

More Apps Infected by SpinOk

CloudSEK researchers have now reported that they used indicators of compromise provided by Doctor Web and managed to detect another batch of 92 SpinOk-infected applications. That is, in total, 193 malicious applications have already been detected.
The most downloaded app found by CloudSEK was HexaPop Link 2248 with over 5 million installs (now removed from Google Play). Other popular apps that use the SpinOk SDK include: Macaron Match (XM Studio) – 1,000,000 downloads; Macaron Boom (XM Studio) – 1,000,000 downloads; Jelly Connect (Bling Game) – 1,000,000 downloads; Tiler Master (Zhinuo Technology) – 1,000,000 downloads; Crazy Magic Ball (XM Studio) – 1,000,000 downloads; Happy 2048 (Zhinuo Technology) – 1,000,000 downloads; Mega Win Slots (Jia22) – 500,000 downloads.
According to CloudSEK, the total number of malicious app downloads has exceeded 30,000,000.

SpinOk Malware: A Growing Threat on Google Play

Google Play is the largest app store in the world, and it is the go-to destination for millions of Android users. However, it is not immune to malicious software, as evidenced by the recent discovery of SpinOk malware.
SpinOk is a malicious software development kit (SDK) that is distributed under the guise of a marketing tool. It was first discovered by Doctor Web analysts, who found that it had infiltrated many apps on Google Play.

What Does SpinOk Do?

SpinOk is designed to keep users in apps through mini-games, task systems, and ostensibly prize draws. However, it also has spy functions: it collects information about files stored on devices in the background, can transfer them to attackers, and is also capable of replacing and uploading the contents of the clipboard to a remote server.

More Apps Infected by SpinOk

CloudSEK researchers have now reported that they used indicators of compromise provided by Doctor Web and managed to detect another batch of 92 SpinOk-infected applications. That is, in total, 193 malicious applications have already been detected.
The most downloaded app found by CloudSEK was HexaPop Link 2248 with over 5 million installs (now removed from Google Play). Other popular apps that use the SpinOk SDK include Macaron Match (XM Studio) – 1,000,000 downloads; Macaron Boom (XM Studio) – 1,000,000 downloads; Jelly Connect (Bling Game) – 1,000,000 downloads; Tiler Master (Zhinuo Technology) – 1,000,000 downloads; Crazy Magic Ball (XM Studio) – 1,000,000 downloads; Happy 2048 (Zhinuo Technology) – 1,000,000 downloads; and Mega Win Slots (Jia22) – 500,000 downloads.
According to CloudSEK, the total number of malicious app downloads has exceeded 30,000,000.

How to Protect Yourself from SpinOk Malware

SpinOk malware is a serious threat to Android users, and it is important to take steps to protect yourself from it. The first step is to be aware of the apps that have been infected by SpinOk. Google has removed all of the known infected apps from its store, but it is still possible to download them from third-party stores.
If you think you may have downloaded an infected app, you should delete it immediately. It is also important to be aware of the signs of infection, such as unexpected pop-ups, battery drain, and data usage.
It is also important to be aware of the permissions that apps are asking for. If an app is asking for more permissions than it needs, it may be a sign that it is malicious.
Finally, it is important to keep your device up to date with the latest security patches. This will help to protect you from any new threats that may arise.
SpinOk malware is a growing threat on Google Play, and it is important to be aware of it and take steps to protect yourself. By being aware of the apps that have been infected, deleting any suspicious apps, and keeping your device up to date, you can help to protect yourself from this malicious software.

Weekly Updates For Our Loyal Readers!

Share this Article
Lost your password?