Ninety-two more apps, nearly half of which are on Google Play, that have cumulatively amassed more than 30 million installations were discovered to be compromised with the SpinOk malware, which has been distributed through a malicious software development kit supply chain attack, BleepingComputer reports.
HexaPop Link 2248 was the most popular among the newly-identified SpinOk malware-infected apps, having five million downloads before its removal from Google Play, a report from CloudSEK revealed.
Moreover, a million downloads each have been recorded for XM Studio's "Macaron Match" and "Macaron Boom," Zhinuo Technology's "Tiler Master," Bling Game's "Jelly Connect," and XM Studio's "Crazy Magic Ball."
While many of the other SpinOk malware-infected apps remain on Google Play, Google said that it has begun evaluating the malicious apps.
"We have reviewed recent reports on SpinOK SDK and are taking appropriate action on apps that violate our policies," said a Google spokesperson, who reassured the defenses of Google Play Protect against malicious apps.
North Korea's Lazarus Group has leveraged the backdoored PDF reader app SwiftLoader used in the RustBucket campaign to facilitate the deployment of the KANDYKORN macOS malware in a bid to better evade detection, according to The Hacker News.
More advanced attack techniques are being exhibited by the WildCard advanced persistent threat operation, which has targeted Israel for the past eight years, amid the ongoing war between Israel and Palestinian militant group Hamas, CyberScoop reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news