According to new research, it seems GriftHorse Android malware has affected more than 10 million Android devices. Mobile security firm Zimperium discovered that the malware had infected more than 200 apps in 70 countries. The firm has already alerted Google about the malware. The company has already taken steps to remove the malicious code from its platform. However, apps distributed through third-party stores could still carry the malware.
GriftHorse Android malware attack method
The malware acts by subscribing Android users to premium services without their permission. The premium service costs about $42/€36 per month until canceled by the user. This scam has made the GriftHorse creators millions of dollars, earning $1.5 million and $4 million every month. When infected with this Android malware, the user starts getting alerts about a prize. It says they have won a prize and need to claim it immediately. According to researchers, these pop-ups appear five times per hour until the user accepts.
App Store apps not safe anymore
GriftHorse Android malware was so successful because it affected 200 apps spread across 18 different categories. Google has removed these apps from the Play Store, but it seems they have been operating since November 2020. This raises some serious questions about the Play Store security and review process. It’s a shame that users can’t even trust apps in official first-party stores anymore. However, considering how Google Play Store is the biggest marketplace for apps, it isn’t easy to check each for malware.