Google has been trying for years to keep malware out of the Play Store, but its success has been limited. The company is constantly deleting these programs, and the latest round of removal includes 200 programs in several different groups that were used to spread the GriftHorse malware to more than 10 million victims.
Apple has been slow on iOS security lately, despite the heated debate over iOS and Android, claiming that the mobile operating system recently contains 47 times more malware because of its openness. Download Sideware However, it's hard to argue against the fact that Android is more attractive to malware developers, because they advertise it whenever they want.
Image: Heatmap of over 10 million victims
According to researchers at Zimperium zLabs (via TheRecord), there is a new Android Trojan named GriftHorse in less than 200 malicious apps in the Google Play Store as well Some third-party app stores have been verified, and are included. So far, malware operators have infected more than 10 million Android devices from more than 70 countries and stolen tens of millions of dollars from their victims. In their report, the researchers explained that the GriftHorse campaign is active from at least November 2020 until April 2021. When a user installs any malware, GriftHorse generates a large number of notifications and windows that attract people with special discounts or various rewards. People who click on these items are redirected to a web page where they are asked to verify their phone number to access ads.
This is not the first time that this type of attack has been applied to Android users. In 2018, mobile security and data management company Wandera found a similar piece of malware that can send SMS messages to top services. And judging by the complexity of the GriftHorse campaign, they've likely been doing this for a long time.
New Android malware has infected more than 10 million Android devices