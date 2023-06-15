wordpress blog stats
SpinOk Module, a Spyware with High Severity Risks, says CERT-In

As per a document uploaded by DoctorWeb on Git Hub, over 100 applications have the module incorporated into them.

We missed this earlier: On June 8, 2023, the Indian Computer Emergency Response Team (CERT-In) advisory flagged the SpinOk Android software module with a ‘high severity rating’ due to its spyware functionality. CERT-In said that SpinOk collects information on device-stored files, can “transfer them to malicious actors,” and replace and update clipboard content to a remote server, as per a report by Doctor Web. What is SpinOk? The module is distributed as a marketing software development kit (SDK) and maintains users’ engagement in apps through mini-games, tasks, and purported prize and reward drawings. “This trojan SDK connects to a command and control (C&C) server, transmitting technical data about the compromised device. This data allows threat actors to detect and emulator environment,” said CERT-In. Why it matters: Concerns of cyber attacks via spyware have been growing in India - with reports of Pegasus, malware like Drinik Android, etc. You’d think that this and further reports from regions like Israel about more invasive software would speed up the creation of an Indian data protection law. Yet, we’re still waiting for the government to finalise the Digital Personal Data Protection Bill and the Digital India Bill. The more there is a delay, the more softwares of this nature will get a chance to steal and manipulate the data of Indian residents. What happens once a device is affected? Once SpinOk infects a device, it sends a list of URLs, which open in WebView to show advertising banners. As per the advisory, the trojan SDK enhances its malicious capabilities through the…

