Android: New malware has infected over ten million devices

The system Android is often prone to malware attack due to the “sideload” that allows the installation of games and apps external to the Play Store. This obviously makes it more appealing to hackers trying to spread their malware and extort money from unsuspecting users.

Zimperium zLabs researchers recently discovered a new Android trojan called GriftHorse that infected about 200 apps of the Play Store and in third-party app stores. Unfortunately, the malware is currently being downloaded by over 10 million Android devices from over 70 countries stealing tens of millions of dollars from their victims.

How GriftHorse malware works

GriftHorse malware, which has apparently been active since November 2020, spawns once installed a multitude of notifications and popups which will lure victims into special discounts and fake cash prizes. Users who fall into the virtual trap will be redirected to a web page where they will be asked to confirm their phone number to access the promotion.

But this is what the victims actually believe users without their knowledge they subscribe to paid SMS services with figures of 35 dollars a month. The developers behind GriftHorse made money through this scam system roughly $ 1.5 million to $ 4 million per month. The researchers claimed that the hackers started a sophisticated malware campaign through quality codes and a broad spectrum of malicious sites and apps which covered several categories.

Google was obviously notified of the matter and the company did not take long to promptly remove apps from the Play Store, although they can still be downloaded from third-party stores. GriftHorse is not the first malware of its kind to affect the security of Android users, so we recommend users to always be very careful about downloading suspicious apps and always verify their origin.

Image by mohamed Hassan from Pixabay