Menu
EN

Spyware-laden Android apps have been downloaded over 400 million times. Are you at risk?

Hundreds of millions of Android devices may have been infected by a data-stealing malware that was hidden in over 100 apps on the Google Play Store. The malicious software module, or SDK (software development kit), was found in apps that had been downloaded more than 421 million times, according to researchers at Dr. Web.

How did spyware get into the apps?

The developers of the affected apps integrated the SDK into their software to display mini-games that were supposed to keep the user hooked. However, the SDK was not as harmless as it seemed, as it would also carry out a number of other, more sinister activities in the background without the user’s knowledge.

The researchers reported that the treacherous SDK, that they named “SpinOK,” could scan the device for specific files and upload them to a remote server controlled by the attackers. It could also copy and manipulate the clipboard content.

This allowed the SpinOK spyware to steal sensitive information from the users’ devices, such as private photos, videos and documents. The clipboard manipulation functionality could enable the attackers to get ahold of information the user copied, such as passwords, credit card numbers or cryptocurrency wallet addresses. They could then replace the copied data with their own to trick the user into entering wrong information into a payment page or a cryptocurrency app, potentially resulting in unwanted transactions.

Google is supposed to flag apps that contain malicious SDKs as harmful and prevent them from getting listed on its store in the first place. However, some still slip through Google’s review process. This could be because the bad actors behind them use sophisticated techniques to avoid detection. It also does not help that Google is sometimes very slow to respond to reports of malware. According to one study, it can take Google up to two months to remove malware-infected applications from its store.

Which apps are affected?

Dr.Web researchers identified the malicious code in 101 applications. Some of the most popular apps affected have been video editors, including Noizz, VFly, MVBit and Biugo. While some of the apps were still running the poisonous SDK at the time of the report, others have either removed it or have been removed from the store. In some cases, the researchers note, only certain versions of the apps contained the SDK.

AdGuard can protect you

Many people believe that the only way to protect yourself from this kind of malware is to use antivirus software. First, you need be careful when choosing antivirus software — some may not be sophisticated enough to stop all threats and some may be even unsafe themselves, such as malware masquerading as legitimate software. Second, in some cases, such as this one, AdGuard can protect you as well.

AdGuard blocks the SpinOK SDK with its basic filtering rules. This means you don’t need to configure it in a special way, or change your DNS to AdGuard DNS (although you can still do it if you want). Keep in mind, though: AdGuard is not an antivirus. It can prevent malware from reaching your device through infected apps and web pages, but it can’t remove malware that has already infected your device.

Liked this post?

AdGuard for Windows

AdGuard for Windows is more than an ad blocker. It is a multipurpose tool that blocks ads, controls access to dangerous sites, speeds up page loading, and protects children from inappropriate content.
User Reviews: 12935
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard for Mac

AdGuard for Mac is a unique ad blocker designed with macOS in mind. In addition to protecting you from annoying ads in browsers and apps, it shields you from tracking, phishing, and fraud.
User Reviews: 12935
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard for Android

AdGuard for Android is a perfect solution for Android devices. Unlike most other ad blockers, AdGuard doesn't require root access and provides a wide range of app management options.
User Reviews: 12935
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard for iOS

The most advanced ad blocker for Safari: it makes you forget about pop-up ads, speeds up page loading, and protects your personal data. A manual element-blocking tool and highly customizable settings help you tailor the filtering to your exact needs.
User Reviews: 12935
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard Browser Extension

AdGuard is the fastest and most lightweight ad blocking extension that effectively blocks all types of ads on all web pages! Choose AdGuard for the browser you use and get ad-free, fast and safe browsing.
User Reviews: 12935
4.7 out of 5

AdGuard for Safari

Ad blocking extensions for Safari are having hard time since Apple started to force everyone to use the new SDK. AdGuard extension is supposed to bring back the high quality ad blocking back to Safari.
User Reviews: 12935
4.7 out of 5
App Store
Download
By downloading the program you accept the terms of the License agreement

AdGuard Home

AdGuard Home is a network-wide software for blocking ads & tracking. After you set it up, it’ll cover ALL your home devices, and you don’t need any client-side software for that. With the rise of Internet-Of-Things and connected devices, it becomes more and more important to be able to control your whole network.
User Reviews: 12935
4.7 out of 5

AdGuard Content Blocker

AdGuard Content Blocker will eliminate all kinds of ads in mobile browsers that support content blocker technology — namely, Samsung Internet and Yandex.Browser. While being more limited than AdGuard for Android, it is free, easy to install and still provides high ad blocking quality.
User Reviews: 12935
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard Assistant

A companion browser extension for AdGuard desktop apps. It offers an in-browser access to such features as custom element blocking, allowlisting a website or sending a report.
User Reviews: 12935
4.7 out of 5
Assistant for Chrome Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Firefox Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Edge Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Opera Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Yandex Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Safari Is it your current browser?
If you can't find your browser, try the old legacy Assistant version, which you can find in AdGuard extension settings.

AdGuard Temp Mail β

A free temporary email address generator that keeps you anonymous and protects your privacy. No spam in your main inbox!
User Reviews: 12935
4.7 out of 5

AdGuard for Android TV

AdGuard for Android TV is the only app that blocks ads, guards your privacy, and acts as a firewall for your Smart TV. Get warnings about web threats, use secure DNS, and benefit from encrypted traffic. Relax and dive into your favorite shows with top-notch security and zero ads!
User Reviews: 12935
4.7 out of 5
Downloading AdGuard To install AdGuard, click the file indicated by the arrow Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard!
Install AdGuard on your mobile device