The GriftHorse campaign used smart technologies to prevent detection on Google Play.
Google has taken complex steps to block malicious apps on Google Play. But a new round of deletions involving 200 apps and more than 10 million potential victims shows that this long-standing problem remains unresolved — in which case, potentially costing users hundreds of millions of dollars.
These methods are common to malicious Play Store apps, and text-message fraud in particular is known. But researchers say it's important that attackers can pick up on these known methods in a way that is still very effective - and in great numbers - to communicate on Although Google has continually improved Android security and Play Store defenses.“This is an order of magnitude higher,” says the endpoint. These methods have been patched and proven. And when it comes to software counts, this is a carpet bombing effect. One may be successful, another may not, and that's fine.
The operation targeted Android users in more than 70 countries and specifically checked their IP addresses to see their geographic locations. The app displays web pages in the site's native language To make the experience more engaging. Malware operators were careful not to reuse URLs, which could make it easier for security researchers to track them. The content produced by the attackers was of high quality, without spelling and grammatical errors that could reveal clearer frauds. Zimperium is a member of Google Defense Sof The tware Association, an alliance of third-party companies that helps them monitor Play Store malware, has disclosed the GriftHorse campaign as part of that partnership. Google says that all apps detected by Zimperium have been removed from the Play Store and the developers of those apps have been banned.
However, researchers note that apps - many with hundreds of thousands of downloads - are still available through third-party app stores. They also noted that while SMS fraud is an ancient chestnut, it is still effective because harmful costs usually do not appear until the victim's next wireless bill. If the attackers can get their software into a company's hardware, they can even trick company employees into signing up with charges that might not go unnoticed on the company's phone number for years.
Although deleting many apps is now slowing down the GriftHorse campaign, researchers stress that new changes always appear. "These attackers are organized and professional. Zimperium CEO Sheridhar Mittal says they have made it a business and they have no intention of continuing." This was not the case once. p>
This story originally appeared on wired.com.
Hundreds of scam apps have infected more than 10 million Android devices
Alexa is on the move. Voice Assistant is available on all ...
It was initially toilet paper. Then there was another processor and silicone. It is now ca...
Google has made another change to the cost structure...