Security News > 2021 > September > Don't look a GriftHorse in the mouth: Trojan trampled 10 million Android devices

Mobile security firm Zimperium, which first identified the GriftHorse Android Trojan, says the malware has infected more than 10 million Android devices worldwide; a fraction of one per cent of active 'droid devices, but still misery for literally millions of people.

In a blog post on Wednesday, Zimperium researchers Aazim Yaswant and Nipun Gupta said that Trojan code dubbed GriftHorse has been spotted in more than 200 malicious apps in at least 70 different countries and has been afflicting Android phones since November 2020.

So reviewing the lengthy list of affected apps in the Zimperium's blog post probably isn't necessary for Android devices tied to Google Play.

The subversive code may still be present in Android apps distributed through third-party stores, the researchers said, coincidentally echoing a talking point favored by Google and Apple about maintaining their app store control for the sake of security.

GriftHorse apps are designed to subscribe Android users to premium services without their permission, resulting in charges of about €36 per month until noticed and cancelled by the victim.

The Register asked Google whether it anticipates the need to look into limiting the update mechanisms used in Android apps built with Apache Cordova, but we've not heard back.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/29/grifthorse_trojan_android/