Researchers from Zimperium zLabs spotted a widespread malware campaign that has infected over 10 million Android devices. The campaign used GriftHorse trojan and was active for roughly five months, between November 2020 and April 2021.
As per an estimate, the malware stole hundreds of millions from its victims by subscribing to paid services. Victims of this malware campaign are spread across 70 countries.
Once the malicious app is installed in a phone, it gains access to mobile phone numbers and uses it to subscribe the unsuspecting victims to premium SMS services that charged more than €30 per month to their phone bills.
The malware campaign used more than 200 Android applications delivered through Google’s play store and third-party app stores. After being notified, Google removed the malicious apps but apps are still available for download on third-party repositories.
People behind this malware campaign have made apps in several categories ranging from Tools and Entertainment to Personalization, Lifestyle, and Dating to affect a large number of users. One of the apps had more than 500,000 downloads.
If you are interested in checking the list of malicious apps, check the Zimperium report.
