If you have an Android phone, it’s time to take action. More than 100 Android apps with over 400 million combined downloads have been infected with a new malware strain, putting millions of users at risk. This article will provide you with all the information you need to protect yourself and your phone from this dangerous spyware. So, let’s dive in and find out how to avoid this Android malware and keep your phone secure.
What is the Malware, and How Does it Work?
This malware strain, known as “SpinOk,” has been spread through a software development kit (SDK) that is disguised as an advertising platform. Security researchers at Dr. Web discovered the malware, which has been classified as spyware because of its ability to steal private data from Android devices and send it to a remote server controlled by hackers.
App developers may have added the SpinOk module to their apps, believing it to be legitimate. The module uses minigames to provide users with “daily rewards,” aiming to keep them engaged. However, while users enjoy the minigames, SpinOk performs malicious activities in the background, checking the device’s sensor data to determine whether it’s running on an actual phone.
Delete These Apps Immediately
Dr. Web’s report lists 101 apps that users have downloaded more than 421 million times from the Google Play Store. The following are the most downloaded apps that SpinOk has affected.
- Noizz: video editor with music – 100 million downloads
- Zapya – File Transfer, Share – 100 million downloads
- vFly: video editor & video maker – 50 million downloads
- MVBit – MV video status maker – 50 million downloads
- Biugo – video maker & video editor – 50 million downloads
- Cashzine – Earn money reward – 10 million downloads
- Fizzo Novel – Reading Offline – 10 million downloads
- CashEM: Get Rewards – 5 million downloads
- Tick: watch to earn – 5 million downloads
Most of the affected apps have been removed from the Play Store, but some apps still remain. If you have any of these apps installed on your Android smartphone, we recommend that you delete them immediately. In some cases, the latest versions of these apps have removed the spyware, so updating to the latest version could serve as an alternative to removing them entirely. However, it’s best to delete these apps for your own safety.
The Trojanized SDK
Once added to an app, the trojanized SDK connects to a remote server to download a list of websites used to display minigames within the apps. While the minigames appear as expected, SpinOk is capable of performing malicious activities in the background, such as listing files in directories, searching for specific files, uploading files from an infected smartphone, or copying and replacing content from your clipboard.
These functionalities could be used to expose private images, videos, and documents or to steal passwords and credit card data, as well as hijack cryptocurrency payments. It’s unclear whether the publishers of these apps were tricked by the distributor of the trojanized SDK or included it in their apps on purpose. However, these types of infections often result from supply-chain attacks from a third party.
Google’s Response to SpinOk
In response to the discovery of SpinOk, a Google spokesperson provided a statement, saying:
“The safety of users and developers is at the core of Google Play. We have reviewed recent reports on SpinOK SDK and are taking appropriate action on apps that violate our policies. Users are also protected by Google Play Protect, which warns users of apps known to exhibit malicious behavior on Android devices with Google Play Services, even when those apps come from other sources.”
How to Stay Safe from Malicious Android Apps
Be Careful When Downloading New Apps
To protect yourself from malicious apps, exercise caution when downloading new apps, even from the Google Play Store. Bad apps can slip past Google’s security checks, so it’s essential to use your best judgment when installing new apps on your phone.
Check App Ratings and Reviews
Look at an app’s rating on the Play Store and read reviews, keeping in mind that ratings and reviews can be faked. It’s also a good idea to search for external reviews and video reviews to see an app in action before installing it.
Also Read: Samsung releases video to explain how its Biometric Card IC security chip works
Beware of Unnecessary Permissions
Be cautious when using apps that request unnecessary permissions. For example, a photo-editing app shouldn’t need access to your contacts and call history to function properly.
Install a Reliable Android Antivirus App
For additional protection, consider installing one of the best Android antivirus apps on your phone. If you’re on a tight budget, Google Play Protect comes pre-installed for free on all Android phones and can scan both your existing apps and new ones for malware.
Additional Protective Measures
Keep Your Android Device Updated
Make sure your Android device is always running the latest version of the operating system. Updates often include security patches that can protect your device from new malware strains.
Use a VPN
A VPN (Virtual Private Network) can help protect your privacy online by encrypting your internet connection, making it more difficult for hackers to intercept your data.
Enable Two-Factor Authentication
Enable two-factor authentication (2FA) on your online accounts whenever possible. 2FA provides an extra layer of security, making it more difficult for hackers to access your accounts.
Back Up Your Data
Regularly back up your data, either to an external storage device or a cloud-based service. This way, if your device is compromised, you can easily restore your data and minimize any potential loss.
Conclusion
The discovery of the SpinOk malware is a stark reminder that Android users need to be vigilant and take proactive steps to protect their devices and personal information. By following the tips outlined in this article, you can significantly reduce your risk of falling victim to Android malware and keep your phone secure. Stay informed and stay safe!
