Main menu


How GriftHorse viruses steal money from Android users and how to protect your phone 

How GriftHorse viruses steal money from Android users and how to protect your phone 

Every day, cybercriminals master the creation of dangerous new malware and viruses that can bypass the protection imposed on devices by manufacturers. Certainly, the goals of these viruses, including ransomware, vary, including those that steal information, spy on users, steal their money, and other goals that we will not discuss today. But the annoying thing is that your phone has not become secure after these recent attacks, so you should be careful.

How GriftHorse viruses infect Android phones to steal users' money and how to protect your phone
According to new research, it appears that dangerous GriftHorse Android malware and viruses have affected more than 10 million Android devices. Mobile security firm Zimperium discovered that the malware had infected more than 200 apps in 70 countries. The company has already alerted Google about the malware. The company has already taken steps to remove the malicious code from its Android platform and Google Play Store. However, apps distributed through third-party stores can still carry malware.

How to attack malware on Android phones GriftHorse Android
The malware works by forcing Android users to subscribe to premium-priced services without their permission. The premium service costs around $42 / €36 per month until canceled by the user. This scam has saved the creators of the GriftHorse virus millions of dollars, earning them between $1.5 million and $4 million a month. When infected with this Android malware, the user starts receiving alerts about the prize. She says they have won a prize and need to claim it immediately and get it. According to the researchers, these pop-ups appear five times an hour until the user accepts them.

After accepting the offer, the Android malware will redirect the user to a website to request their number. If the person gives their number, they will be sent a premium SMS subscription. All GriftHorse applications are built using the open-source Apache Cordova framework. They rely on web technology such as HTML, CSS, and JavaScript, which automatically forces updates to applications without user interaction. Unfortunately, not all antivirus programs detect this malware.

App Store apps are no longer secure.
The GriftHorse Android malware was so successful that it affected 200 apps spread across 18 different categories. Google removed these apps from the Play Store, but they appear to have been working since November 2020. This raises some serious questions about the Play Store's security and review process. It's a shame that users can't trust the apps in the official first-party stores anymore. However, considering that Google Play is the largest app market, it is not easy to check for malware in each of them.

How to Protect Your Android Phone from GriftHorse Viruses

Certainly, we always say that prevention is better than cure, so you must first, and we have mentioned this matter over and over again, not download any applications from any unreliable stores, as well as even when downloading from the Google Play Store itself, avoid downloading unknown applications because the store is currently targeted with hundreds of unreliable applications. It is affected by these dangerous viruses, and Google is trying to remedy the situation. Finally, do not get carried away by any promises of imaginary prizes or rewards, click on any advertisements, or enter any data of your own.