GriftHorse Android Trojan Subscribes you to Expensive Services
The GriftHorse Android Trojan is a threat, which has been active for over a year. Allegedly, it may have infected over 10,000,000 Android devices all over the world. The malware is being spread through fake applications hosted on shady app stores, or even on the official Google Play Store. The criminals might be using over 130 bogus applications to spread the malware. Cybersecurity researchers report that many of those apps are absolutely useless, while others have some basic functionality. The criminals usually promote them as handy tools that can do a wide range of tasks. Typically, the malware-laced apps were media players, small games, file conversion utilities, calorie trackers, etc.
What does the GriftHorse Android Trojan do?
Usually, modern Android malware focuses on controlling the device or hijacking banking credentials. However, the GriftHorse Android Trojan uses a more classic approach. This Trojan is classified as fleeceware. This type of malware generates money for its creators by subscribing victims to expensive services – a portion of the signup fee is received by the perpetrators of the attack.
Allegedly, many of GriftHorse Android Trojan's victims only find out about the attack when they notice that their phone bill is higher than usual. Typically, this Trojan's activities result in paying at least $30-40 more per month.
When a user infects their device with the GriftHorse Android Trojan, the malware might spam them with pop-ups and notifications. Often, those messages assure the victim that they can claim prize they just won. However, in order to verify their identity and confirm their phone number, the victim needs to send a text message. According to the fake pop-ups, this message costs nothing. However, in reality, it is sent to an expensive subscription service that will charge $30-40 on a monthly basis. Although the majority of the bogus apps spreading the GriftHorse Android Trojan have been taken down, there are still millions of active copies on devices all over the world. Android users can protect their phones from such attacks by using up-to-date antivirus apps. Also, they should remember to only download trustworthy and verified apps, from reputable sources.