40 crore Android phone users at risk!

Today, malware attacks are not a new phenomenon. That’s why many Android phone users are more or less aware about it. Still, hackers are finding new ways to get malware into ordinary people’s devices.

Recently researchers found 100 such apps in Google Play Store, which are infected with malware. Dr. Webb, a security researcher teaming up with a bleeping computer, discovered this new spyware, called ‘SpinOK’. The infected apps have been downloaded 421,290,300 times (about 40 crores) so far.

What is SpinOK Malware?

According to Dr. Web’s report, this Trojan malware initially displays an advertisement. Where users are asked to download minigames with the lure of daily rewards. As a result, many people are attracted and consider the ads as legitimate. Then the advertised app, once downloaded, steals personal information stored on the device and sends it to a remote server (to hackers).

The report also stated that various levels of malicious content were found in the infected apps. These apps have already been completely removed from Play Store. However, it is recommended to uninstall the apps as soon as possible if they are still present on the device. Apart from this, smartphone users have also been advised to refrain from downloading such apps in the future.

10 Android Applications Infected with SpinOK Trojan Malware

Out of 100 Android apps infected by Android.Spy.SpinOk trojan malware in Dr.Web report, the top 10 most downloaded apps are –

1) Noizz – Video editing app with music (at least 100,000,000 installs).

2) Zapya – file transfer, share (installed at least 100,000,000 times. The Trojan module was present in versions 6.3.3 to 6.4 and is no longer present in the current version 6.4.1).

3) VFly – Video editor and video maker (installed at least 50,000,000 times).

4) MVBit – MV Video Status Maker (Installed at least 50,000,000 times).

5) Biugo – Video maker and video editor (at least 50,000,000 installed).

6) Crazy Drop – (at least 10,000,000 installed).

7) Cashzine – Money making app (at least 10,000,000 installed).

8) Fizzo Novel – offline reading (at least 10,000,000 installed).

9) CashEM – Rewards winning app (at least 5,000,000 installs).

10) Tick – Earn by watching videos (at least 5,000,000 installs).

How to identify malicious apps

1) Check the permission of the app. Avoid apps that require excessive or unnecessary permissions.

2) Review user reviews thoroughly.

3) Evaluate Install-to-Review Ratio – Install-to-review ratio is a measure of how many people installed the app compared to how many people gave reviews.

4) Use antivirus to protect your device from such harmful and malicious apps.

5) Know the app developer well – Verify the developer’s legitimacy by checking user reviews, websites, other apps from the same developer and social media.

6) Check app description for spelling or grammatical errors, unclear information or description of app functionality.

7) Avoid downloading apps that ask for sensitive data like passwords or credit card details.

Be aware and careful while downloading the app by reviewing the above points. If an app looks suspicious, don’t install it.

Read More