Image Courtesy: Social Media

Highlights:

  • Google banned nearly 136 apps on the play store, following a complaint filed
  • Zimperium has reported about malware that has stolen millions of dollars from Android smartphone users
  • Even after the Google Play Store banned these apps, it does not mean users GriftHorse malware powered malicious app are dismissed

Google banned nearly 136 apps on the play store, following a complaint filed. These apps include Handy Translator Pro, Heart Rate and Pulse Tracker, Geospot: GPS Location Tracker, iCare – Find Location, My Chat Translator, What’s Me Sticker, Safe Lock, CutCut Pro, Fitness Point, Photo Effect Pro, Call Recorder iCall, Truecaller & TrueRecorder, Photo Lab, Live Mobile Tracker and many more.

Security experts at Zimperium have reported about another malware that has stolen millions of dollars from Android smartphone users from across the world. Furthermore, the security researchers at Zimperium zLabs recently found an aggressive mobile premium services campaign named GriftHorse Android Trojan, which has targeted more than 10 million Google Android users globally.

Researchers stated that while ordinary online scams take advantage of phishing techniques, GriftHorse Android Trojan is unique as it is hidden behind malicious Android applications serving as Trojans, enabling it to take advantage of users in interactions for increased spread and infections.

In a blog post, the security research firm penned, “What makes them even more special is that these malicious Android applications appear harmless when looking at the store description and requested permissions, but this false sense of confidence changes when users get charged month over month for the premium service they get subscribed to without their knowledge or consent.”

Deep research of the malware shows that the threat group has been operating this campaign since November 2020. These malicious applications were initially distributed by play store and other third-party application stores but were removed as soon as Zimperium zLabs informed its findings Google.

The research firm noted that even after the Google Play Store banned these apps, it does not mean GriftHorse malware-powered malicious apps are dismissed. It added that these are still available on unsecured third-party app stores. Moreover, they may be hidden inside some of the apps that may have been downloaded. They cautioned that users must find them and delete them from their own phones.

The firm explained that it stands as a threat to all Android devices by functioning as a Trojan that subscribes unsuspecting users to paid services, charging a premium costing around 36 Euros per month. It continued that upon infection, the victim is bombarded with alerts showing that they have won a prize and that they need to claim it immediately. After acceptance and verification of the phone number, they would commence charging the mentioned amount.

The blog post added, “Overall, GriftHorse Android Trojan takes advantage of small screens, local trust, and misinformation to trick users into downloading and installing these Android Trojans, as well as frustration or curiosity when accepting the fake free prize spammed into their notification screens.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here