Android smartphones currently are the targets of malware that has infected approximately 10 million devices around the world. GriftHorse, a pest, has been around for some time and has been thoroughly analyzed.
Security company Zimperium has discovered the malware. It must also be noted that the distribution channel is primarily the Google Play Store. This malicious code is hidden in many apps and then sits waiting for unaware users. GriftHorse was also discovered in other app stores.
This malware should be detected quickly by the user. AdWare is one component of the malware. It bombarded users with popups and messages about prices and special offers. This is the most harmless component. The malware infects the background and ensures that subscribers are made for premium SMS services. Each one costs approximately 30 euros.
Millions in revenue
According to Zimperiums, it is the most common malware campaign in the field this year. It was clear that GriftHorses, the developers of the bug, put a lot of effort into it. The code is high quality and regularly maintained. It is also used on camouflage mechanisms to avoid detection. Distribution takes place on a wide variety of platforms and apps.
GriftHorse has most of the apps hidden in the Play Store’s Tools category. Entertainment offers are also well represented. However, it is difficult to find GriftHorse applications in any section. Security researchers believe that the malware generated between 1.2 million to 3.5 million euros per month for its developers, based on its spread and activities over the course of the year.