A new Trojan has been discovered lurking in more than a hundred apps on the Android Play Store. It has already claimed more than ten million victims around the world by abusing the SMS payment system.
Google has greatly improved the security of the Android Play Store in recent years, but even so, criminals keep finding new ways to get through it. This is how a new campaign managed to claim at least ten million victims and steal several hundred million euros.
The case was discovered by the cybersecurity company Zimperium, which named this attack GriftHorse. According to specialists, it has been active since November 2020 in more than 70 countries. After installation, the Trojan bombards the user with notifications that he has won a prize and needs to confirm his to receive it. The victim is then registered for a premium SMS service billed at more than 30 euros per month.
A Trojan horse with a monthly subscription
The victim does not notice the charges before consulting his bank statement. Thus, the criminals may, in some cases, continue to collect for months. They bypass security by using an in-app browser, which displays a page in the local language. The researchers emphasized the quality of the page, written without spelling mistakes, unlike most scams. In addition, the criminals used different addresses for each application so as not to arouse suspicion.
In all, Zimperium lists 136 apps, whose names were passed on to Google, which removed them from the Play Store. Although its security is visibly still imperfect, it is much safer to download your apps from the Play Store than from third-party stores, where bogus GriftHorse apps are still available.