New GriftHorse Android Trojan Affects 10 Million Mobile Users! Some of the 200 Infected Apps Bypass Google Play Store

The new GriftHorse mobile virus is believed to have affected more than 10 million Android users across the globe. Involved security experts claimed that the hackers behind the new Android Trojan are currently generating millions of dollars every month.

New GriftHorse Android Trojan Affects 10 Million Mobile Users! Some of the 200 Infected Apps Bypass Google Play Store
A visitor tries out the Huawei P40 Pro smartphone at the IFA 2020 Special Edition consumer electronics and appliances trade fair on the fair's opening day on September 03, 2020 in Berlin, Germany. The fair is taking place despite the ongoing coronavirus pandemic, albeit in a reduced form and without personal access for the general public. The IFA 2020 Special Edition will take place from September 3-5. Photo by Sean Gallup/Getty Images

Zimperium zLabs security firm's experts were the first ones to discover the new smartphone virus. Based on their latest researcher, GriftHorse has currently embedded in around 200 applications.

Some of them are even published in the official Google Play Store platform as the new Trojan malware has the capability to bypass its security protections.

Involved cybersecurity researchers explained that the malicious actors were able to have a stable revenue cash flow of illicit funds since there were able to infect a large number of Android smartphones, as reported by ZDNet.

How GriftHorse Trojan Android Malware Works

According to Zimperium's latest blog post, the new Trojan malware works by fooling Android victims to subscribe to various paid services. Once their attacks are successful, the affected Android users are forced to settle premium subscription fees, which amount to around $41 every month.

New Android Malware Directs Users to a FAKE Google Play Store
A guest takes a selfie with her smartphone during the Mercedes Benz Fashion Week in Madrid on April 8, 2021. (Photo by Gabriel BOUYS / AFP) Photo by GABRIEL BOUYS/AFP via Getty Images

Security experts confirmed that more residents in around 70 countries are currently being targeted. GriftHorse's developers are believed to be serving selective malicious pages.

The users would then receive these websites on the geo-location of their IP addresses with their local language. This technique makes the malware more efficient since victims might feel more comfortable sharing their personal details on a website that features their own language.

In other news, online attackers are also using fake Brave websites to spread their malware through Google ads. On the other hand, DDoS attacks are also becoming more rampant than ever.

GriftHorse Trojan Malware's Other Details

The apps currently infected by GriftHorse malware vary from dating software, puzzle games, food apps, and other kinds of applications.

On the other hand, the most popular malicious apps were able to generate around 500,000 downloads. This just shows that the new smartphone system virus is a serious one.

But, many consumers were able to uninstall their malicious apps. Although this is the case, the Trojan malware can still send messages to their devices, saying that they won cash prizes.

Once the victim is fooled again, the malicious actors will direct them to another website page, which could also steal their sensitive data.

For more news updates about GriftHorse malware and other new security threats, always keep your tabs open here at TechTimes.

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics