Security News > 2021 > September > GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride
2021-09-29 18:08

More than 10 million Android users have been saddled with a malware called GriftHorse that's trojanizing various applications and secretly subscribing victims to premium mobile services - a type of billing fraud that researchers categorize as "Fleeceware."

Zimperium uncovered more than 130 GriftHorse apps being distributed through both Google Play and third-party application stores, across all categories.

Google removed the flagged apps, but GriftHorse is far from corralled: There could be additional Play apps, installs could still be active on peoples' phones, and the apps remain in many unofficial stores.

If users are unlucky enough to download one of the apps, they'll find themselves "Bombarded with alerts on the screen letting them know they had won a prize and need to claim it immediately," according to Zimperium's Wednesday analysis.

GriftHorse is not the only malware that looks to defraud victims via trojanized apps.

The well-documented Joker malware, for example, has been circulating since 2017, disguising itself within hundreds of common, legitimate apps like camera apps, games, messengers, photo editors, translators and wallpapers.


News URL

https://threatpost.com/grifthorse-money-stealing-trojan-android/175130/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Android 4 0 17 2 0 19