GriftHorse Android Malware May Be Infecting Your Smartphone Too

According to new research, it seems GriftHorse Android malware has affected more than 10 million Android devices. Mobile security firm Zimperium discovered that the malware had infected more than 200 apps in 70 countries. The firm has already alerted Google about the malware. The company has already taken steps to remove the malicious code from its platform. However, apps distributed through third-party stores could still carry the malware.

GriftHorse Android malware attack method

The malware acts by subscribing Android users to premium services without their permission. The premium service costs about $42/€36 per month until canceled by the user. This scam has made the GriftHorse creators millions of dollars, earning $1.5 million and $4 million every month. When infected with this Android malware, the user starts getting alerts about a prize. It says they have won a prize and need to claim it immediately. According to researchers, these pop-ups appear five times per hour until the user accepts.

After accepting the offer, the android malware will redirect the user to a website to ask for their number. If a person does give their number, it will then be submitted to a premium SMS service subscription. The GriftHorse apps are all built with an open-source Apache Cordova framework. They rely on web technology like HTML, CSS, and JavaScript, which automatically push updates to apps without user intervention. Unfortunately, this malware went undetected by all anti-virus software.

App Store apps not safe anymore

GriftHorse Android malware was so successful because it affected 200 apps spread across 18 different categories. Google has removed these apps from the Play Store, but it seems they have been operating since November 2020. This raises some serious questions about the Play Store security and review process. It’s a shame that users can’t even trust apps in official first-party stores anymore. However, considering how Google Play Store is the biggest marketplace for apps, it isn’t easy to check each for malware.