Malware 'Grift Horse' that stole hundreds of millions of yen every month from more than 10 million smartphones is reported



Zimperium, a mobile security company, has reported a new Android malware, GriftHorse, that unknowingly subscribes to paid subscriptions. Zimperium said that more than 10 million devices were damaged in more than 70 countries, and attackers stole about 1.2 million euros (about 160 million yen) to 3.5 million euros (about 450 million yen) every month. I'm estimating.

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally | Zimperium Mobile Security Blog
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/

New GriftHorse malware has infected more than 10 million Android phones --The Record by Recorded Future
https://therecord.media/new-grifthorse-malware-has-infected-more-than-10-million-android-phones/

New Android malware steals millions after infecting 10M phones
https://www.bleepingcomputer.com/news/security/new-android-malware-steals-millions-after-infecting-10m-phones/

The newly reported Grift Horse is malware that was loaded into about 200 apps distributed on Google Play and third-party Android app stores. Here's how Grift Horse steals money from the victim: First of all, the device with the Grift House-equipped app installed will display notifications such as 'I have a free gift' and 'I have a special offer for you' as shown in the image below.



When you tap this notification, you will be prompted to enter your phone number, saying 'You need to enter your phone number to receive the offer'. If you enter your phone number on this screen, you will be subscribed to the premium SMS service, which charges a monthly call charge of over 30 euros (about 3900 yen).



According to Zimperium, Grift Horse is also characterized by the large number of types of apps that have been installed. Below is a breakdown of the apps where Grift Horse was found, most of which are Tools, but they range from Puzzle, Communication, Lifestyle, Health & Fitness, and more.



Grift Horse raged on Google Play for five months from November 2020 to April 2021 when Google takes action, during which the damage amounted from 1.2 million euros (about 160 million yen) to 3.5 million euros every month. It is estimated that the number of devices damaged (about 450 million yen) has reached more than 10 million units in more than 70 countries. The countries where damage was confirmed are the countries painted in red below, including Japan.



According to Zimperium, there is almost no way to recover the money stolen by Grift Horse. The app has been removed from Google Play by a Zimperium notice, but cautioned that it may still remain in third-party app stores.

You can check the list of apps that Grift Horse is built in from the following.

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally | Zimperium Mobile Security Blog
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/



in Mobile,   Software,   Security, Posted by darkhorse_log