https://safirsoft.com Hundreds of scam apps have infected more than 10 million Android devices

The GriftHorse campaign used smart technologies to prevent detection on Google Play.

Google has taken complex steps to block malicious apps on Google Play. But a new round of deletions involving 200 apps and more than 10 million potential victims shows that this long-standing problem remains unresolved — in which case, potentially costing users hundreds of millions of dollars.

Researchers at mobile security company Zimperium say a large-scale scam campaign has infected Android since November 2020. As is often the case, attackers managed to disguise malicious apps like Handy Translator Pro, Heart Rate, Heart Rate Tracker and Bus-Metrolis 2021 as a showcase of something more. Buy on Google Play. Be. After downloading a malware, the victim receives a series of notifications, five hours an hour, forcing them to "verify" their phone number for the reward. The Prize claim page loads through the app's browser, and is a common technology to block malicious tags outside of the app's code. Once a user enters their numbers, the attackers use the premium wireless SMS billing feature to score them at around $42 a month. This is a mechanism that usually allows you to pay for digital services or, for example, send money to a charity via text message. In this case he went directly to the scammers. Devices ">

These methods are common to malicious Play Store apps, and text-message fraud in particular is known. But researchers say it's important that attackers can pick up on these known methods in a way that is still very effective - and in great numbers - to communicate on Although Google has continually improved Android security and Play Store defenses.

“This is an order of magnitude higher,” says the endpoint. These methods have been patched and proven. And when it comes to software counts, this is a carpet bombing effect. One may be successful, another may not, and that's fine.

The operation targeted Android users in more than 70 countries and specifically checked their IP addresses to see their geographic locations. The app displays web pages in the site's native language To make the experience more engaging. Malware operators were careful not to reuse URLs, which could make it easier for security researchers to track them. The content produced by the attackers was of high quality, without spelling and grammatical errors that could reveal clearer frauds. Zimperium is a member of Google Defense Sof The tware Association, an alliance of third-party companies that helps them monitor Play Store malware, has disclosed the GriftHorse campaign as part of that partnership. Google says that all apps detected by Zimperium have been removed from the Play Store and the developers of those apps have been banned.

However, researchers note that apps - many with hundreds of thousands of downloads - are still available through third-party app stores. They also noted that while SMS fraud is an ancient chestnut, it is still effective because harmful costs usually do not appear until the victim's next wireless bill. If the attackers can get their software into a company's hardware, they can even trick company employees into signing up with charges that might not go unnoticed on the company's phone number for years.

Although deleting many apps is now slowing down the GriftHorse campaign, researchers stress that new changes always appear. "These attackers are organized and professional. Zimperium CEO Sheridhar Mittal says they have made it a business and they have no intention of continuing." This was not the case once.

This story originally appeared on wired.com.

Hundreds of scam apps have infected more than 10 million Android devices
hundreds-of-scam-apps-have-infected-more-than-10-million.html

https://safirsoft.com Apple Watch iFixit error involves theory about device latency

Apple Watch iFixit error involves theory about device latency

Screen challenges may have delayed startup. This time, let's take a look at the inside of the Apple Watch Series 7.

...
https://safirsoft.com Amazon makes it easy to bring different types of silicone to Alexa devices

Amazon makes it easy to bring different types of silicone to Alexa devices

More variety in SoCs may give products more control over things like battery life.

Alexa is on the move. Voice Assistant is available on all ...

https://safirsoft.com The shortage of cardboard is another blow to the strained supply chain

The shortage of cardboard is another blow to the strained supply chain

And right in times of holiday shopping excitement.

It was initially toilet paper. Then there was another processor and silicone. It is now ca...

https://safirsoft.com AMD and Microsoft release Ryzen slowdown in Windows 11

AMD and Microsoft release Ryzen slowdown in Windows 11

Both Microsoft and AMD have released patches to fix AMD Ryzen performance issues in older versions of Windows 11, according to a recently updated AMD ...
https://safirsoft.com MSI Summit E13 Flip Evo Review: Flip the Right Direction

MSI Summit E13 Flip Evo Review: Flip the Right Direction

Great performance, strong port selection, strong contender. Get great portability from a highly portable device from lightweight chassis just 1 inch t...
https://safirsoft.com Google is halving its share of in-app subscriptions in the Play Store

Google is halving its share of in-app subscriptions in the Play Store

This is the latest in a series of redistribution changes aimed at preventing regulation.

Google has made another change to the cost structure...