Ninety-two more apps, nearly half of which are on Google Play, that have cumulatively amassed more than 30 million installations were discovered to be compromised with the SpinOk malware, which has been distributed through a malicious software development kit supply chain attack, BleepingComputer reports.
HexaPop Link 2248 was the most popular among the newly-identified SpinOk malware-infected apps, having five million downloads before its removal from Google Play, a report from CloudSEK revealed.
Moreover, a million downloads each have been recorded for XM Studio's "Macaron Match" and "Macaron Boom," Zhinuo Technology's "Tiler Master," Bling Game's "Jelly Connect," and XM Studio's "Crazy Magic Ball."
While many of the other SpinOk malware-infected apps remain on Google Play, Google said that it has begun evaluating the malicious apps.
"We have reviewed recent reports on SpinOK SDK and are taking appropriate action on apps that violate our policies," said a Google spokesperson, who reassured the defenses of Google Play Protect against malicious apps.
Malware, Application security
More apps compromised with SpinOk malware
Share
An In-Depth Guide to Application Security
Get essential knowledge and practical strategies to fortify your applications.
Related Events
Related Terms
AdwareBannerBrowserCache CrammingCommon Gateway Interface (CGI)ClientCookieDLL InjectionDynamic Link LibraryGet daily email updates
SC Media's daily must-read of the most current and pressing daily news