A new trojan malware has been discovered in the Play Store: a virus called SpinOk can collect information about files on the device and possibly steal them. A total of 101 infected applications; among the most popular are Noizz (at least 100 million downloads), Zapya (the same), VFly (50 million downloads), MVBit, and Biugo.
Dr.Web experts also claim that Riverbed can identify the clipboard’s contents, download it to a remote server, and even read data from various smartphone sensors.
All in all, the SpinOk virus infected a significant number of prevalent applications, which collected at least 421 million downloads (an optimistic estimate based on Play Store statistics).
As is often the case, the malware was spread through SDKs, which are tools for developers to keep the user interested in an app or game by sending notifications about contests, daily activities, tasks, and more. It turned out that through the SDK, the virus can connect to a remote server and send a large amount of personal data without the user’s knowledge.
Dr.Web says it notified Google of the threat, and the company seems to have wasted no time: a random check so far shows that most of the mentioned apps are available for download (Zapya, for example, has already removed the malware in its latest version 6.4.1 and, therefore, returned to Google Play).
Likely, the developers of the respective applications did not know that they had introduced a rogue Trojan into their applications. Therefore, if you use them, update to the latest software version.
Also Read: Apple Introduces iOS 17 Update, What’s New Features?
