![]() ![]() Upon accepting the invitation for the prize, the malware redirects the victim to a geo-specific webpage where they are asked to submit their phone numbers for verification. These pop ups reappear no less than five times per hour until the application user successfully accepts the offer. Upon infection, the victim is bombarded with alerts on the screen letting them know they had won a prize and needed to claim it immediately. The campaign has targeted millions of users from over 70 countries by serving selective malicious pages to users based on the geo-location of their IP address with the local language. Zimperium zLabs explains that it poses a threat to all Android devices by functioning as a Trojan that subscribes unsuspecting users to paid services, charging a premium amounting to around 36 Euros per month. What is Grifthorse Android Trojan and how does it work? That means you have to find them and delete them from your own phone. Even more troubling, they may be hidden inside some innocent apps that you may have downloaeded. They are still available on unsecured third-party app stores. However, while Google Play Store may have banned these apps, that does not mean users GriftHorse malware-powered malicious apps are gone. And while these malicious applications were initially distributed via both Google Play Store and third-party application stores, they have been removed from the Play Store since Zimperium zLabs reported its findings to Google. What makes them even more special is that these malicious Android applications appear harmless when looking at the store description and requested permissions, “but this false sense of confidence changes when users get charged month over month for the premium service they get subscribed to without their knowledge and consent,” the security research firm wrote in a blog post.Ī deep analysis of the Grifthorse Android Trojan suggests that the threat group has been running this campaign since November 2020. Researchers say that while ordinary online scams take advantage of phishing techniques, Grifthorse Android Trojan is unique in that it is hidden behind malicious Android applications acting as Trojans, which allows it to take advantage of user interactions for increased spread and infection. What makes Grifthorse Android Trojan unique? Security researchers at Zimperium zLabs recently discovered an aggressive mobile premium services campaign named Grifthorse Android Trojan that has targeted over 10 million Google Android users globally. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |