GriftHorse, a new Android trojan, has infected over 10 million Android cellphones across 70 countries. The organisation was found by security experts from Zimperium, a mobile security startup.
According to the experts, the campaign will continue for about five months, between November 2020 and April 2021.
GriftHorse Malware Campaign has Targeted Users from 70 Countries
Users were infecting themselves with the malware by downloading one of the 200 trojan Android apps accessible on the Play Store and other third-party app shops.
However, after being alerted, Google withdrew those apps, although they are still available on third-party shops.
According to the researchers, the GriftHorse malware organisation may be stealing millions of dollars per month from victims all around the world. The software entices victims to click on dubious links in order to shift funds to their accounts.
According to Zimperium research, these Android apps appear to be safe at first, but subsequently lure users into paying for premium services without realising that the trojan gang is taking money from them.
The company claims in a blog post that these rogue apps are a threat to Android smartphones since it charges a premium of roughly EUR 36. (Rs. 3100 per month).
Millions of people were targeted by the effort, which served infected pages to them based on their IP address’s location.
Because they distribute in local languages, the majority of users have been targeted. The GriftHorse campaign is said to be the most widely distributed campaign in 2021. Popups and notifications are sent by the spyware, promising rewards and exclusive offers.
If you click on one of these pop-ups, you’ll be taken to an internet page where you’ll be asked to confirm your phone number in order to receive the deal. Some of the most prominent apps that have been infected with GriftHorse virus include:
- Handy Translator Pro
- Heart Rate
- Pulse Tracker
- Geospot: GPS Location Tracker
- iCare – Find Location
- My Chat Translator
Users in India are also impacted, so be cautious. GriftHorse-infected apps have been reported to Google by Zimperium. The App Defense Alliance counts Zimperium as a member.