Security News > 2021 > September > New Android malware steals millions after infecting 10M phones
A large-scale malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge.
According to the researchers' estimates, the cybercriminals could steal millions in recurring payments every month from victims around the world.
They used the GriftHorse malware to infect their victims and subscribed them to premium services, lining their pockets with hundreds of millions.
"Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and the total amount stolen could be well into the hundreds of millions of Euros," Zimperium said.
"The numerical stats reveal that more than 10 million Android users fell victim to this campaign globally, suffering financial losses while the threat group grew wealthier and motivated with time."
While their victims are likely still trying to recover the money stolen via premium subscriptions, the cybercrime group behind the GriftHorse trojan made off with hundreds of millions.
News URL
Related news
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- Serbian police used Cellebrite zero-day hack to unlock Android phones (source)
- Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)