"421M Spyware Apps Downloaded Through Google Play"

It has been discovered that spyware masquerading as a marketing Software Development Kit (SDK) has infested 101 Android apps, with over 421 million downloads. Researchers at Doctor Web refer to the malicious SDK as "SpinOk" and report that it is advertised as a package of marketing functions, including mini-games and prize drawings, designed to keep visitors using apps for extended periods of time. Instead, unsuspecting developers helped spread spyware, according to Doctor Web. Researchers explained that upon initialization, this Trojan SDK connects to a command-and-control (C2) server by sending a request containing comprehensive technical information about the infected device. Included are sensor data from the gyroscope, magnetometer, and more, that can be used to detect an emulator environment and modify the module's operational routine to avoid detection by security researchers. This article continues to discuss the Trojan SDK sneaking past Google Play protections to infest 101 Android apps.

Dark Reading reports "421M Spyware Apps Downloaded Through Google Play"