
10M Android phones are open to a money-stealing attack

No brand or make of mobile phone is entirely impervious to malware, but unfortunately, Android bears the brunt of it. This is in part because Google’s operating system is so widely used.

For hackers, it comes down to economies of scale. The more users on a particular platform, the wider the net for their malicious activities and the higher the potential reward.

That is why Android users must be vigilant when downloading applications. And a new malware campaign has once again proven this point.

Here’s the backstory

This malware campaign was discovered by security firm Zimperium, which found that it potentially enrolled 10 million Android users in paid-for text subscription services. Some of the subscriptions cost as much as $35 a month.

Dubbed GriftHorse, the malware had been injected into more than 200 Android apps. When you download an infected app, you’ll start to see pop-up messages that claim you have won a prize. They can appear at a rate of five an hour until you eventually accept.

The message will then direct you to enter your phone number on a web page to be verified. But it is on this page that you essentially sign up for premium text services.

The Zimperium report explains that criminals have taken great care not to get caught by avoiding hardcoding URLs or reusing the same domains.

The 10 apps with the most downloads that have been infected with GriftHorse malware are:

  • Handy Translator Pro (between 500,000 and 1,000,000 downloads)
  • Heart Rate and Pulse Tracker (between 100,000 and 500,000 downloads)
  • Geospot: GPS Location Tracker
  • iCare – Find Location
  • My Chat Translator
  • Bus – Metrolis 2021
  • Free Translator Photo
  • Locker Tool
  • Fingerprint Changer
  • Call Recoder Pro

What you can do about it

The best way to protect yourself is to make sure that you only download apps from the official Google Play Store. There are plenty of third-party app stores, but they don’t have the security measures that Google does.

In terms of premium text services, there is often very little that you can do immediately to undo the charges. The best option would be to contact your service provider and alert them to the specific scam.

It is also a good idea to delete questionable apps, especially ones that you don’t use. To delete apps on Android:

  • Open the Google Play Store app.
  • At the top right, tap the profile icon.
  • Tap Manage apps & devices, then Installed.
  • Go through the list of displayed applications.
  • Next to the app you want to remove, tap Uninstall.

The most important precaution you can take is to have trustworthy antivirus software on all of your devices. We recommend our sponsor, TotalAV.
