Cybersecurity specialists have discovered a new malware that affects Android phones. The new Android trojan dubbed grifthorse was spread via the Google Play store as well as some third-party app stores and infected more than 10 million devices all over the world.
According to experts at Zimperium zLabs, the hackers behind this sophisticated malware distribution campaign probably made tons of money by subscribing unaware Android users to premium services.
They explained that the GriftHorse operation has been functional since at least November 2020 and through April 2021.
The malware has been planted in over 200 Android applications that have been approved for distribution on the Google Play store and other third-party app stores.
Zimperium has reached out to Google and notified them about the incident, after which the malware-related applications were immediately removed from the Play Store. Unfortunately, they can still be downloaded from third-party apps.
The researchers estimated that GriftHorse developers are currently making somewhere between $ 1.5 to $ 4 million every month by using this method.
GriftHorse Campaign Made Victims All Over the World
The GriftHorse trojan has been used by the threat actors in order to infect their targets and unknowingly subscribe them to paid services,