Consider following on social media!
Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!
Photo by Andrea Piacquadio, please support by following @pexel.com
Hold on tight, we don’t think the coast is clear for the Google Play Store just yet. Many times, when you visit the Google Play Store it’s to pick up a new idle game to cure the boredom of your phone.
However, certain apps are being delivered with a bit of spice added called a “trojan”. And trust us when we say this is not something you want mucking up your lifestyle.
We question the thought; could one be 100% safe when downloading apps from the marketplace? We’ll be answering that question along with covering what the attack is, how it’s used, why it’s being used and some effects since its release, and what are some ways you can protect your machine.
Photo by Dids, please support by following @pexel.com
The Attack
First for those who are not familiar with what a trojan is in the computing world. A trojan is malware that is made to look like a legitimate application.
You can think of this as dating someone, letting them move in, and later finding out that not only did they eat everything in your fridge, but they also took the liberty to empty your wallet as well.
Clearly, people in relationships tend to get hoodwinked. Now, the current threat among many plaguing the Play Store and is set as being unknowingly downloaded over 400 million times in counting is called SpinOk.
A thing to note, when it comes to naming things in IT (Information Technology), the names are typically based on their functionality. Like if you think of a Trojan virus and remember the story of the Trojan horse. Trust us though, SpinOk isn’t okay.
Samual: How you know it’s the kid with the hoodie?
Photo by Kampus Production, please support by following @pexel.com
Who Can It Be Now
No one threat actor has been named just yet for the creation of SpinOk but it has been placed within apps on Google’s Play Store as a gaming treat.
Many times, threat actors would make use of banking applications to lure and collect information but as times change, so do cybercriminals tactics.
Detour:
Below are a few apps reported to have the trojan.
- Macaron Match (XM Studio) – 1 million downloads
- Macaron Boom (XM Studio) – 1 million downloads
- Jelly Connect (Bling Game) – 1 million downloads
- Tiler Master (Zhinuo Technology) – 1 million downloads
- Crazy Magic Ball (XM Studio) – 1 million downloads
- Happy 2048 (Zhinuo Technology) – 1 million downloads
- Mega Win Slots (Jia22) – 500,000 downloads
Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?
Sarah: That’s so cool, maybe I should read a few scripts.
Photo by Christina Morillo, please support by following @pexel.com
Sinking Feeling
So, to give an idea of how something like this operates, we’ll use the relationship where we were hoodwinked from earlier. You meet someone online because that’s just how our society is now thanks to technology, and things are going swell. The conversations are there, having a lot of things in common are there, and everything is more than perfect.
You think “Hey, I want to live with this person because I can see a future with them.” And so, you both agree to move in together. This is an exaggeration of picking an app but just bear with us. After a while of living together, you notice your place isn’t as clean as you used to have it.
The food seems to be dwindling and money is starting to become a bit of a problem as you don’t have as much as you used to. Surprise, this was your lover’s intent all along.
They had disguised themselves as someone you could see a life with when really, they just wanted to clean house in your bank account, and not only that but they gave all your information to other people for a price.
This is a lengthy example, but this is how the SpinOk trojan works. Most gaming apps offer pop-ups redirecting you to URLs (Uniform Resource Locator) offering “daily rewards” which is normal for mobile gaming however, while this redirection is happening a number of malicious tasks are being completed.
Such as the aggregation of directory files, photos, videos, and the collection of your personal information. All this goes back to a remote server owned by the threat actor to be either used or sold to interested parties over the Internet.
Photo by Kris Schulze, please support by following @pexel.com
The Prevention
To answer the question, we had in thought from the opening, the only way to be 100% safe is by not downloading the app at all. Other than that, keep in mind you’re taking a risk with each download.
If you have an anti-virus application on your device, make sure that is up to date along with all your applications and the operating system of your device as there will be patches to fix vulnerabilities.
And make sure you scan your device often to ensure there are no present threats and if you find one, isolate it and remove it immediately. SpinOk may have your head spinning but now knowing about it is one step to keeping you and your bank account okay.
Photo by Andrea Piacquadio, please support by following @pexel.com
Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.
Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.
Do you feel like there is something I may have missed on SpinOk? Script a comment below.
Discover more from Scriptingthewhy.com
Subscribe to get the latest posts sent to your email.
This is yet another example of why we need protection from viruses & malware. Thanks for this article it is very informative.
LikeLike
I enjoyed reading this article. Its my first time to hear about SpinOk & its nefarious intentions. Thanks for keeping us informed.
LikeLike