GriftHorse trojan has stolen millions from Android users


Join gaming leaders online at GamesBeat Summit Next this upcoming November 9-10. Learn more about what comes next. 

The GriftHorse Android trojan has hit over 10 million victims globally, according to the research arm of mobile security firm Zimperium.

Zimperium’s zLabs recently discovered GriftHorse, an aggressive mobile premium services campaign, and says the total amount stolen could be well into the hundreds of millions of euros. While typical premium service scams take advantage of phishing techniques, this specific global scam has hidden behind malicious Android applications acting as trojans, allowing it to take advantage of user interactions for increased spread and infection.

These malicious Android applications appear harmless when looking at the store description and requested permissions, but this false sense of confidence changes when users get charged month after month for the premium service they get subscribed to without their knowledge and consent.

Forensic evidence of this active Android trojan attack, which zLabs has named GriftHorse, suggests that the threat group has been running this campaign since November 2020. These malicious applications were initially distributed through both Google Play and third-party application stores. Zimperium zLabs reported the findings to Google, who verified the provided information and removed the malicious applications from the Google Play store. However, the malicious applications are still available on unsecured third-party app repositories, highlighting the risk of sideloading applications to mobile endpoints and the need for advanced on-device security.

Read the full report by Zimperium zLabs.


VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Products You May Like

Articles You May Like

Apple Worker Says She Was Fired for Leading Movement Against Workplace Harassment
16 Coolest Gadgets for Men That Are Worth Seeing
GamesBeat Summit Next: Take-Two CEO Strauss Zelnick, Niantic’s John Hanke, Xbox’s Sarah Bond
Twitter Adds New Feature to Remove Followers Without Blocking Them on Web
Apple MacBook Pro Specifications Tipped Ahead of Launch, Said to Feature Mini-LED Display

Leave a Reply

Your email address will not be published. Required fields are marked *