Indian cybersecurity and threat prediction company CloudSEK has revealed what is describes as the “concerning discovery of widespread malware infection” in the Google Play Store affecting millions of Android users across the globe.
In a press release, the company announced the identification of 193 applications on the Play Store that are infected with the Android.Spy.SpinOk SDK, 43 of which are still at large on the Android app store.
CloudSEK reckons that these have amassed more than 5 million downloads. The security firm also estimates that 30 million users in total have been affected by the bad apps it has found. These are in addition to other similar apps previously identified by DrWeb.
Android apps affected with malware
Topping the list of the affected apps with the most installs is HexaPop Link 2248, followed by Macaron Match, Macaron Boom, Jelly Connect, Tiler Master, Crazy Magic Ball, Bitcoin Master, Happy 2048, and Mega Win Slots. Of these apps, three are developed by CM Studio and two by Zhinuo Technology Co., Ltd.
The majority of the apps, according to the report, belong to the casual gaming category, which are often downloaded and used briefly before being left to reside on a user’s device indefinitely.
Credited with initially sounding the alarm about apps infected with the malicious SDK, DrWeb explains it has the ability to collect information on local Android files which is then transferred to the threat actors. Users’ clipboards are also affected, potentially exposing passwords and other sensitive information.
CloudSEK is advising Android users to download protective measures like antivirus software from trusted providers to monitor and flag potential threats. Of a similar nature, smartphone users are being urged to maintain vigilance when browsing their device’s app store, and to look out for potential red flags.
Google did not immediately respond to TechRadar Pro’s request for comment on the measures it takes to monitor the Play Store for malware.