Tag: virus

Security, Tech

Spinning on The Play Store Could Cost

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Dear Lord, what’s not safe now?
Photo by Andrea Piacquadio, please support by following @pexel.com

Hold on tight, we don’t think the coast is clear for the Google Play Store just yet. Many times, when you visit the Google Play Store it’s to pick up a new idle game to cure the boredom of your phone.

However, certain apps are being delivered with a bit of spice added called a “trojan”. And trust us when we say this is not something you want mucking up your lifestyle.

We question the thought; could one be 100% safe when downloading apps from the marketplace? We’ll be answering that question along with covering what the attack is, how it’s used, why it’s being used and some effects since its release, and what are some ways you can protect your machine.

There’s always a surprise inside.
Photo by Dids, please support by following @pexel.com

The Attack

First for those who are not familiar with what a trojan is in the computing world. A trojan is malware that is made to look like a legitimate application.

You can think of this as dating someone, letting them move in, and later finding out that not only did they eat everything in your fridge, but they also took the liberty to empty your wallet as well.

Clearly, people in relationships tend to get hoodwinked. Now, the current threat among many plaguing the Play Store and is set as being unknowingly downloaded over 400 million times in counting is called SpinOk.

A thing to note, when it comes to naming things in IT (Information Technology), the names are typically based on their functionality. Like if you think of a Trojan virus and remember the story of the Trojan horse. Trust us though, SpinOk isn’t okay.

Herb: I bet you that guy right there hacked my phone.
Samual: How you know it’s the kid with the hoodie?
Photo by Kampus Production, please support by following @pexel.com

Who Can It Be Now

No one threat actor has been named just yet for the creation of SpinOk but it has been placed within apps on Google’s Play Store as a gaming treat.

Many times, threat actors would make use of banking applications to lure and collect information but as times change, so do cybercriminals tactics.

Detour:

Below are a few apps reported to have the trojan.

  • Macaron Match (XM Studio) – 1 million downloads
  • Macaron Boom (XM Studio) – 1 million downloads
  • Jelly Connect (Bling Game) – 1 million downloads
  • Tiler Master (Zhinuo Technology) – 1 million downloads
  • Crazy Magic Ball (XM Studio) – 1 million downloads
  • Happy 2048 (Zhinuo Technology) – 1 million downloads
  • Mega Win Slots (Jia22) – 500,000 downloads

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Trish: They explained it and now I get hacked less.
Sarah: That’s so cool, maybe I should read a few scripts.
Photo by Christina Morillo, please support by following @pexel.com

Sinking Feeling

So, to give an idea of how something like this operates, we’ll use the relationship where we were hoodwinked from earlier. You meet someone online because that’s just how our society is now thanks to technology, and things are going swell. The conversations are there, having a lot of things in common are there, and everything is more than perfect.

You think “Hey, I want to live with this person because I can see a future with them.” And so, you both agree to move in together. This is an exaggeration of picking an app but just bear with us. After a while of living together, you notice your place isn’t as clean as you used to have it.

The food seems to be dwindling and money is starting to become a bit of a problem as you don’t have as much as you used to. Surprise, this was your lover’s intent all along.

They had disguised themselves as someone you could see a life with when really, they just wanted to clean house in your bank account, and not only that but they gave all your information to other people for a price.

This is a lengthy example, but this is how the SpinOk trojan works. Most gaming apps offer pop-ups redirecting you to URLs (Uniform Resource Locator) offering “daily rewards” which is normal for mobile gaming however, while this redirection is happening a number of malicious tasks are being completed.

Such as the aggregation of directory files, photos, videos, and the collection of your personal information. All this goes back to a remote server owned by the threat actor to be either used or sold to interested parties over the Internet.

No viruses, trojans, or malware are allowed here by order of the king.
Photo by Kris Schulze, please support by following @pexel.com

The Prevention

To answer the question, we had in thought from the opening, the only way to be 100% safe is by not downloading the app at all. Other than that, keep in mind you’re taking a risk with each download.

If you have an anti-virus application on your device, make sure that is up to date along with all your applications and the operating system of your device as there will be patches to fix vulnerabilities.

And make sure you scan your device often to ensure there are no present threats and if you find one, isolate it and remove it immediately. SpinOk may have your head spinning but now knowing about it is one step to keeping you and your bank account okay.

Nice, I still have money in my account. I think I have time for one script.
Photo by Andrea Piacquadio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on SpinOk? Script a comment below.

Programming, Security, Tech

Testing Beta Alert

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

What is it now, fam? Can we not get anything right?
Photo by Ketut Subiyanto, please support by following @pexel.com

We’re back in the Google Play Store and things haven’t gotten any better. It has been long-standing knowledge that if you want anything to work or see if it has any value, people need to test your product other than yourself.

By doing this, you can get all the good and bad feedback to create what seems to be your contribution to the world for the betterment of humanity.

All the great minds throughout history have gone through this, and you clearly see this being done today with us doing launches into space and claiming it’s for humanity just in case the Earth goes bad but in reality, they’re displaying their getaway plan which none of us will be able to afford. We’re looking at you Elon.

Being done with pointing fun at venture capitalism, back to the growing concern which is beta testing. Are you curious as to know how this is a problem when everyone is simply trying things out?

Let us explain. We’re going to go over what kind of attack this is, who is using it, the functionality, and effects upon release, and what are some ways you can keep yourself from being on the receiving end of testing a product that may be testing you.

Fun fact: having elder people play video games helps ward off mental conditions and improve memory.
Photo by Tima Miroshnichenko, please support by following @pexel.com

The Attack

If you’re not into computers or have very little knowledge of how software and games are developed, then you may be wondering what in the world is “beta testing”. It’s not what you think, there isn’t a group of people in a room sitting across from each other staring trying to establish who is alpha and who is beta.

Beta testing is the testing of a product that is almost ready to hit the market. This is done to get feedback as to what should stay in or be removed or what could be added to improve interactions.

How is this a problem we hear you ask? At its core, it isn’t but as of late threat actors have been releasing apps on the Google Play Store as betas to lure people into downloading onto their devices. Threat actors are testing the waters with this one.

Yes, all you have do is download the app and enter your bank information. It’s that simple.
Photo by cottonbro studio, please support by following @pexel.com

Who Can It Be Now

No one group or individual has been named for using this tactic, but rest assured the attackers are out there. Many incidents have involved phishing emails and romancing scams. No, this doesn’t involve the good old catfishing mail-order bride or husband.

In this kind of attack, the threat actor is building a false relationship with the victim in order to get the victim to perform a step-by-step process of downloading or jailbreaking their device.

Phishing emails and others of the like are sent with the promise of big returns on investment for trying the beta app. However, this is a bogus claim because the payment method is in cryptocurrency. Why do scammers like requesting gift cards, money orders, and cryptocurrency you ask?

If you think about it, obtaining these items requires no personal interaction, they’re difficult to trail back to the scammer, and you can gain access to them from anywhere. Also, the government and banks can’t monitor Bitcoin and other cryptocurrency platforms so that makes it even more alluring. 

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

I downloaded the beta version, but some weird stuff started happening after I entered my banking information.
Photo by Andrea Piacquadio, please support by following @pexel.com

That Sinking Feeling

Why not use real apps instead of beta? Well, real apps must undergo a rigorous code and review process where beta apps can somewhat fly under the radar because they’re not complete, it just has to look good surface level.

After making it pass review, threat actors change the URL by pointing the app to a malicious server, then the real fun begins.

Malicious code can perform a number of tasks ranging from collecting data from devices, gaining access and depleting online financial accounts, or seizing control of handheld devices.  

Yes, tell Scriptingthewhy that I’m interested in protecting my personal information.
Photo by Antoni Shkraba, please support by following @pexel.com

The Prevention

Are you interested in beta testing the ability to keep money in your bank account, and prevent your life from ending up in disarray? If you had said yes, then you have taken the first step into cybersecurity and if you didn’t then we’re going to tell you how to anyway.

When dealing with emails, especially from people who you may know and have a link attached, cross-check with them on another platform to verify if they indeed sent the email.

Carefully examine the email for misspellings and grammar errors as this could be a big tip-off that something is in the air. Exercise extreme caution when installing a new app and carefully examine the requested permissions for anything that may have you scratching your head.

The biggest clues suggesting that something is on your system are that your battery is draining faster than normal, higher data consumption, experiencing a sudden pop-up ads nightmare, the device running slower, and overheating.

Always remember when beta testing, the app should have developing issues, not your finances.

I’m in cybersecurity and I read Scriptingthewhy, so yeah. Trying to scam me is pretty hard.
Photo by Viktoria Slowikowska, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on beta testing scammers? Script a comment below.