Discovery of Hazardous Spyware in More Than 100 Apps on Google Play

A concerning revelation has emerged as researchers detected hazardous malware in approximately 100 Android apps. Which are available for download on the Google Play store. It collectively amassed over 420 million downloads. The malicious software, cleverly disguised as a mini-game, has the capability to extract sensitive user data from their devices and transmit it to remote servers. Notable apps affected by this spyware include Noizz, Zapya, Cashzine, and CashEM, among several others.

As per a report from Dr. Web, dubbed Android.Spy.SpinOk, this spyware is circulated as a marketing software development kit (SDK). Developers can embed it into all sorts of apps and games, including those available on Google Play. 

The report said, "On the surface, the SpinOk module is designed to retain users’ interest in apps with the help of mini-games, a system of tasks, and alleged prizes and reward drawings. Upon initialization, this trojan SDK connects to a C&C server by sending a request. Which contains a large amount of technical information about the infected device. For the same purpose, it ignores device proxy settings, which allows it to hide network connections during analysis. In response, the module receives a list of URLs from the server, which it then opens in WebView to display advertising banners." 

This spyware aids hackers to access the phone’s files list. Using it, they can read a certain file or directory saved on the device. In addition, They can even make changes, hackers can copy or replace the contents of the clipboard. Doctor Web an anti-malware software suite has discovered this spyware module and its multiple versions. Furthermore, it persists in a wide range of apps available on Google Play.