More than 10 million Android users on their devices were infected by a new spyware dubbed the Android Trojan Grifhorse, which bombarded them with numerous reward notifications.
According to a security analysis from Zimperium zLabs, Grifhorse's Android Trojan software can be detected in more than 200 malicious apps it agrees to distribute on the Google Play Store. It is also seen in the third-party app market. Currently, Zimperium claims that the virus has stolen tens of millions of dollars from its victims.
The Grifhorse Android Trojan works by bombarding users with messages about special gifts and discounts. They are then sent to the web page. Where they are asked to register with their phone number to confirm their entry.
Instead of being put into any discounts or contests. A user's phone number is often signed up to several SMS subscription services. Some of these can cost up to $35 per month.
On its website, Zimperium has compiled a list of programs infected with the Grifhorse Trojan. The company also claims that the virus has infected Android users in more than 70 countries. Including the United States, Russia, China, India, Brazil, and others.
The Grifhorse Android Trojan was most active from November 2020 to April 2021 before it was identified, and Google has removed malicious programs from the Play Store. However, the program is still available in some unprotected third-party stores.
To avoid downloading infected apps, Zimperium advises against sideloading programs on your Android smartphone if you're unsure of the app's security and origin.