GriftHorse Android: malware with 10 million victims
Computer hackers, OK, they are criminals, but then what inventiveness and what talent to achieve their ends! Lately they really have competing for creativity in the technological field. BluStealer attack your cryptocurrencies directly in your wallets, fake emails from the police will ransom you, and you can even get infected with a phone call WhatsApp with the trojan Pegasus,… A very good time for cybercriminals, therefore, who have, it must be said, every day new developments to divert since the field of possibilities is only expanding. Lately it’s through apps Android that malware tapped the pockets of innocent victims.
GriftHorse: dada my account emptied!
A new threat was recently detected by the experts at Zimperium and we can say that the hackers have done very, very hard and have gone to great lengths to propose one of the most sophisticated and successful scams in history. Ocean’s Eleven in smartphones! According to estimates, these are over 10 million people who may have fallen victim to this elegantly named malware Grifthorse. Amount of theft? Several hundred million euros! Not bad is not it ?
Everything happens on the Play Store and alternative markets. There the pirates have put more than 200 applications online of all kinds to attract you to their trap. Leisure, simulation, meeting, translation, sports, education, fitness, music… All themes are covered and there really is something for everyone. To find the list of the apps concerned, we leave you visit the Zimperium page who offers it to you at the bottom of his article.
How it works ?
Once you have downloaded one of these applications, you find yourself bombarded with a message every 10 minutes telling you that you have won a gift. Owl ! We invite you to click on a link to claim your reward. By dint of receiving these notifications, you may end up giving in to the temptation. So you click. Where cybercriminals have done their best is that they use your geolocation. So you end up on a page in your language, as can be seen in these screenshots.
For the future victim, it is a substantial effort that gives them confidence. ” What pirate would go so far as to translate his page into Greek? “. Quite simply, the best, whose translation effort has reached people in at least 70 countries around the world! You are then asked to enter your phone number. If you have the misfortune to do so, you will end up in spite of yourself subscribed to a premium SMS service which is billed to you 36 € / month. If you don’t pay more attention to your bank statements, you might not notice it right away. You should also know that, in this kind of case, it is almost impossible to recover your money even if it is proven that the expenditure was due to malicious intent.
It would appear that this campaign was launched in November 2020 with malicious app updates through April this year. Thanks to the sophistication of the scam (no hard-coded URLs, no reuse of domains, etc.), Grifthorse went unnoticed for many months. Zimperium recently warned Google which has banned from its Play Store the applications concerned. Be careful, however, it is still possible to be a victim since they are still available in other markets not approved by the dads of the Android system.
