Over 10M Android Users Infected by GriftHorse Trojan

By Explorer -

 A mobile premium services campaign infected over 10 million Android users with the GriftHorse Trojan.

More Than 200 Malicious Apps in Play

Discovered by Zimperium, the GriftHorse Trojan operation used more than 200 Trojan apps to target Android users all over the world.

The largest proportion of those Trojanized apps used entertainment as a theme at 12.7%. This was followed by personalization, lifestyle and simulation at 5.6%, 5.6% and 4.2%, respectively.

Once installed, a GriftHorse’s app began by pushing notifications on the infected device at least five times an hour. The campaign used that to attract the user’s attention and lure them into using the app.

In the end, Trojan campaign used one of two variants to subscribe the victim to several paid and premium SMS services.

The first version required the user to interact with a ‘Continue’ or ‘Click’ button. Doing so sent an SMS text message subscribing the victim to those services.

The second variant performed the same function as the first. However, it required that the victim enter their phone number and register it with the server’s backend before completing the subscriptions. In total, the Trojan’s operators ran this scam on over 10 million Android users in over 70 countries.

Many of those Trojanized apps charged their victims over €30 ($35) per month. Zimperium determined that attackers were using Google’s Play Store and third-party app services to distribute the malware.

The security firm reported the campaign to Google, whose researchers responded by removing the Trojanized apps from the Play Store. At the time of writing, some of the apps were still up on third-party app stores, however.

Similar Android Trojan Attacks

GriftHorse isn’t the only Android malware that’s sought to entrap victims in paid and premium SMS subscriptions.

In April 2021, for instance, Doctor Web discovered the first malware from AppGallery, the official app store for Huawei Android devices. The threat turned out to be a variant of the Joker malware Trojan that used 10 versions of itself to subscribe victims to premium mobile services.

Several months later, security researcher Lukas Stefanko uncovered another version of the Joker malware Trojan. This one used the Netflix series “Squid Game” as a lure to target victims with ad fraud and unwanted SMS subscriptions.

About a month later, Avast uncovered the UltimaSMS campaign. This used 151 apps on Google’s Play Store to enroll victims in premium SMS services.

How to Defend Against Trojan Attacks Like GriftHorse

Organizations can defend against Trojan attacks on mobile by investing in their security awareness training. Specifically, they can create modules around teaching their employees to download apps from trusted developers on official stores only. They can use that same training to teach employees some of the telltale signs of a mobile premium services campaign, such as constant notifications and suspicious recurring payment card charges.Source: https://securityintelligence.com/news/android-grifthorse-trojan/

Comments

Post a Comment

Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

By Explorer -
Image
Massive public protests taking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive Offenders Ordinance , that would see accused criminals extradited to mainland China to face prosecution. Hongkongers feel the law could be used to legalise the kidnapping of people who express views, and act in ways, that are not popular with the Chinese government . The same law could also be used to extradite tourists and visitors to China who are arrested on suspicion of having committed these crimes. Protesters want the bill scrapped. For now, debate of the legislation has been postponed . Organisers say one million people turned out for the protests, while police estimate the number was around 240,000. Either way, it was a significant number of Hong Kong’s 7.5 million population. Commentators on Twitter remarked on how well organised the protesters were. So, how did they do it? Protesters across the world are using n
Read more

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

By Explorer -
 According to a video of interrogation of "Hamas terrorists" released by Israel Security Agency Shin Bet, accessed exclusively by News18, "The Shifa hospital has been made with many considerations as Hamas knew that medical places won’t be attacked by the enemy. Equipment, explosives and other material has been kept there." Hamas is using hospitals in Gaza as covers and have turned them into ammunition depots, according to a video of interrogation of “Hamas terrorists" released by  Israel Security Agency  Shin Bet, accessed exclusively by News18. ALSO READ | Israel-Hamas War LIVE Updates  HERE The Israeli military has claimed that those featuring in the video released on Saturday are Hamas terrorists, who participated in the  October 7 attack  on Israel. “Most of the tunnels are hidden in hospitals. There are multiple underground levels. Al-Shifa Hospital is not small, it is a big place that can be used to hide things," a man is seen saying. “The Al-Shifa
Read more

Islam Has Massacred Over 669+ Million Non-Muslims Since 622AD

By Explorer -
Image
In fact, no ideology has been as genocidal as Islam… Islam has killed more than 5 times the number of people killed by communism. In the total numbers we have updated over 80 million Christians killed by Muslims in 500 years in the Balkan states, Hungary, Ukraine, Russia. Then we have India. The official estimate number of Muslim slaughters of Hindus is 80 million. However, Muslim historian Firistha (b. 1570) wrote (in either Tarikh-i Firishta or  the Gulshan-i Ibrahim) that Muslims slaughtered over 400 million Hindus up to the peak of Islamic rule of India, bringing the Hindu population down from 600 mil to 200 million at the time. With these new additions the Muslim genocide of non-Muslims since the birth of Mohammed would be  over 669 million murders. Islam: The Religion of Genocide Perspective:   Think the Spanish inquisition was bad? More people are killed by Islamists each year than in all 350 years of the Spanish Inquisition* combined. The Spanish inquisition ( Tribunal del Sant
Read more