GriftHorse: A New Trojan Stealing Millions From Android Users

Smartphones have overtaken computers as the most popular device for accessing the internet. Android is the leading operating system worldwide, and cybercriminals have long targeted its users with different types of malware, including Trojans.

A new, dangerous Android Trojan dubbed GriftHorse has been spotted in the wild.

GriftHorse Trojan Hides in Apps

Mobile security company Zimperium released an extensive report this week revealing that GriftHorse has stolen hundreds of millions of dollars from more than 10 million Android users in approximately 70 countries worldwide.

The cybercriminals behind GriftHorse don't rely on conventional deployment tactics. Instead, they launch the malware through seemingly legitimate applications, most of which were available on the Play Store until Zimperium notified Google.

RELATED: Report: Google Play Protect Sucks at Detecting Malware

More than 200 apps were used in the GriftHorse campaign, which dates back to November 2020. They were spread across various categories, which allowed the cybercriminals to target a wide range of users.

How GriftHorse Trojan Works

The GriftHorse Trojan's modus operandi is fairly simple. Once the victim downloads the malicious app, they are bombarded with notifications telling them they've won a prize (e.g. “Take your GIFT today for FREE”) and just need to claim it.

The notifications are sent out as many as five times per hour, until the victim agrees to put in their phone number. Once they do that, they are subscribed to a premium SMS service that charges them around $40 per month.

The notifications are usually in the victim's native tongueβ€”this rudimentary social engineering technique increases the cybercriminals' success rate because people are generally more comfortable sharing information when asked in their own language.

Protect Yourself Against GriftHorse

Though GriftHorse apps can no longer be downloaded from the Google Play Store, they are available on several third-party app stores, which illustrates how important it is to never download apps from untrusted sources.

On the other hand, the fact that they were available on the most popular app store in the world suggests that one can never be too careful.

To protect your device (and your bank account), stay away from apps from unknown developers, pay attention to reviews, never install apps that demand unusual permissions, and consider investing in antimalware software.

Author: Damir Mujezinovic

Source: Damir Mujezinovic.” GriftHorse: A New Trojan Stealing Millions From Android Users”. Retrieved From

All Rights Of This Article Reserved To MakeUseOf

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: