Home » Security News » A new Android malware discovered in multiple apps ...

A new Android malware discovered in multiple apps with collective downloads of over 400 million

Deepanker Verma May 31, 2023 Security

Add Techlomedia as a preferred source on Google.

Multiple apps have recently been found to contain a new Android malware, which was distributed disguised as an advertisement SDK. These apps have collective downloads of over 400 million times, The malware can be used to access private data stored on the device and send it to remote servers.

Security researchers at Dr. Web discovered this spyware module and called it ‘SpinOK.’ The report claims that SpinkOk demonstrates legitimate behavior and maintains users’ interest in apps with the help of mini-games. In the background, it checks the Android device’s sensor data to find if the app is not running in an emulator environment. Then it connects to a remote server to download a list of URLs to display minigames.

This malicious SDK also adds the following features to the app:

Obtain the list of files in specified directories,
Verify the presence of a specified file or a directory on the device,
Obtain a file from the device, and
Copy or substitute the clipboard contents.

Researchers found this malicious SDK in 101 apps. Here’s a list of apps with the most downloads.

Noizz: video editor with music (100,000,000 downloads)
Zapya – File Transfer, Share (100,000,000 downloads; Dr. Web says the trojan module was present in version 6.3.3 to version 6.4 and is no longer present in current version 6.4.1)
VFly: video editor&video maker (50,000,000 downloads)
MVBit – MV video status maker (50,000,000 downloads)
Biugo – video maker&video editor (50,000,000 downloads)
Crazy Drop (10,000,000 downloads)
Cashzine – Earn money reward (10,000,000 downloads)
Fizzo Novel – Reading Offline (10,000,000 downloads)
CashEM: Get Rewards (5,000,000 downloads)
Tick: watch to earn (5,000,000 downloads)

If you want to check the list of all apps infected by this malicious SDK, check this link.

If you use any of these apps, check if the update is available. If an update for the app is available, it should be clean. In case the app is now on App Store, it is recommended to uninstall it immediately. I will also recommend users install a good Android antivirus to scan their smartphones.

Follow Techlomedia on Google News to stay updated.

Affiliate Disclosure:

This article may contain affiliate links. We may earn a commission on purchases made through these links at no extra cost to you.

About the Author: Deepanker Verma

Deepanker Verma is the Founder and Editor-in-Chief of TechloMedia. He holds Engineering degree in Computer Science and has over 15 years of experience in the technology sector. Deepanker bridges the gap between complex engineering and consumer electronics. He is also a a known Security Researcher acknowledged by global giants including Apple, Microsoft, and eBay. He uses his technical background to rigorously test gadgets, focusing on performance, security, and long-term value.