Cybersecurity group Dr. Web and tech vertical Bleeping Computer made a grisly discovery in the Google Play Store. Over 100 apps hosted a nasty malware called SpinOK. The top two most popular infected apps attracted over 100 million downloads!
Which two apps were they? Noizz: video editor with music and Zapya – File Transfer, Share. With SpinOK crawling inside both apps, cybercriminals could access files, replace clipboard contents, and more gnarly, malicious actions that will make the hairs on your neck stand up.
What is SpinOK and what does it do?
Dr. Web categorized SpinOK as a spyware module that steals private data stored on victims' devices — and then sends the information to a remote server. SpinOK "demonstrates seemingly legitimate behavior," according to Dr. Web, rolling out minigames that lead to "daily rewards" to capture users' interest.
Behind the scenes, however, SpinOK is wreaking havoc on the device. It can search for particular files, upload data from the target's phone, and copy and replace clipboard contents. The latter is particularly nasty for crypto enthusiasts. Copying wallet addresses to send crypto from one wallet to another is a common practice in the crypto world. So if your copied wallet address gets swapped with a hacker's wallet address, you could lose your Bitcoin, or whatever digital asset you're sending, forever.
As mentioned, SpinOK can exfiltrate files, so victims' private photos and videos are at risk, too.
Where was SpinOK found?
As mentioned at the outset, the top two apps SpinOK infected was Noizz: video editor with music and Zapya - File Transfer, Share. Collectively, these apps attracted over 200 million uploads, but there's more where that came from.
SpinOK was found crawling around 101 apps via Google Play and they were all downloaded over 400 million times. You can find the complete list of the infected apps here.
Fortunately, all apps except were ousted from the Google Play Store except for Zapya - File Transfer, Share. Why did Google keep it around? Because the developer reportedly submitted a clean version of the app.
If any of these apps are lurking on your phone, it'd be in your best interest to delete them from your phone immediately. And don't forget to get one of the best mobile antivirus apps for your phone to dodge malicious threats like SpinOK (Bitdefender is a good one.)