A dangerous Trojan horse is spreading to Android. Check your phone bill

Malicious software is not immune to the official application store from Google, so be careful when installing lesser-known applications. Recently, however, millions of devices have been attacked by a Trojan horse called GriftHorse, which has been hiding in innocent-looking applications. The Android Authority portal informed about the topic.

Above you can see a screenshot of a Trojan horse in action. Users have been notified on infected devices that they can receive a free gift. When clicked, the device redirected them to a web page that requested a phone number to verify their identity. In reality, however, the site used this number to subscribe to a fake service. Depending on the application, these were different amounts, but on average the prices of a monthly subscription were around 40 euros.

In this case, because all payments go through the operator and are only added to the flat rate invoice, the attackers did not need any additional personal information from the user, such as a debit card number.

The Trojan has been hidden in more than 200 applications

The Trojan horse hid in more than 200 applications from various categories. Google has confirmed that it has already removed all the affected apps from the Play Store, but they may still be located in unofficial stores or directly on your device. It is estimated that GriftHorse has robbed more than 10 million users worldwide. Only one of the infected applications (“Handy Translator Pro”) received more than 500,000 downloads.

GriftHorse has probably been active since November 2020. This means that the first victims have so far lost more than 400 euros. Judging by the number of infected applications, attackers were able to earn millions of euros thanks to it.