According to Zimperium zLabs, the new malware has been included in No less than 200 malicious appsMany of them have managed to circumvent the protection offered by the Google Play Store, the official repository of Android apps.
The researchers claim that the operators behind the Trojan were able to infect so many devices that a stable cash flow of illicit money was created, “resulting in millions of recurring revenue every month.”
The campaign has been running since November 2020 GriftHorse It consists in persuading the victims Hand over your phone number, which is then used for Subscribe to premium SMS services.
Victims first download seemingly innocent and legitimate Android apps. These apps range from puzzle games and utilities to dating and food and drink software, with the most popular malicious app – Translator – having at least 500,000 downloads.
However, upon installation, the GriftHorse Trojan, written in Apache Cordova, constantly bombards the user with messages, alerting them of fake prizes that have been won, and then redirecting them to a page of the website based on their geographical location and, by extension, their language.
Mobile phone users are then asked to provide their phone numbers for verification purposes. If they submit this information, they will then be opted into the premium services “without their knowledge and without their consent.”Note zLabs.
Some subscriptions are over €30 per month, and if the victim does not notice this suspicious transaction, they can theoretically be charged for months with little hope of getting their money back.
To avoid detection, malware operators use editable URLs instead of encrypted ones.
“This method allowed attackers to target different countries in different ways,” the team says. “This server-side examination goes beyond dynamic examination of network connections and behaviors.”
zLabs reported its findings to Google which promptly removed the Android apps that were classified as malicious from Google Play. However, these apps are still available on third-party platforms.
Are you sure you are protecting your data and devices connected online? Download our free e-book to learn tips and tricks to increase your level of security on the Internet.
“Web fanatic. Travel scholar. Certified music evangelist. Coffee expert. Unapologetic internet guru. Beer nerd.”
![Artificial Intelligence: A soft toy capable of expressing emotions? [VIDÉO]](https://m1.quebecormedia.com/emp/emp/robot_peluche_Moflin_2e41e6270d_1_6c2df3b0-26bb-4a94-90eb-e91f1661e740_ORIGINAL.jpg?impolicy=crop-resize&x=0&y=75&w=1300&h=731&width=1200 "Artificial Intelligence: A soft toy capable of expressing emotions? [VIDÉO]")
