Up to 10 million Android users hit by money-stealing malware — what to do
Up to 10 meg Android users hit by money-stealing malware — what to exercise
A new Android malware campaign has been using corrupted apps to secretly enroll up to 10 million unsuspecting victims into paid-SMS subscriptions that can cost upward to $35 per month, reports security firm Zimperium in a blog post today (Sept. 29).
There are more than than 200 of these infected apps, more often than not consisting of utility and amusement apps, and victims have been found in 70 countries worldwide, including the U.S., the rest of North America and most of Europe.
- Amazon Astro chosen 'privacy nightmare' and 'terrible' — hither's why
- The all-time Android antivirus apps
- Plus: Why millions of iPhones, TVs, other devices could go offline this calendar week
Several dozen infected apps were constitute in the official Google Play shop and kicked out after Zimperium notified Google of their being, but many more apps tin still be constitute on 3rd-party app stores.
"These malicious Android applications appear harmless when looking at the store description and requested permissions, but this imitation sense of confidence changes when users get charged month over calendar month for the premium service they become subscribed to without their knowledge and consent," says researcher Aazim Yaswant in the Zimperium report.
Zimperium calls the malware entrada "GriftHorse" and says information technology has been running since November 2020.
How to protect yourself from GriftHorse
To protect yourself from GriftHorse and similar Android malware campaigns, make sure you install apps only from the official Google Play store. In the nigh contempo versions of Android, this means not allowing any apps to "install unknown apps."
You'll as well want to install and use i of the best Android antivirus apps. At the time of this writing, few of the GriftHorse-infected apps were recognized as malicious by almost malware-detection engines, simply that volition change over the course of the 24-hour interval every bit Zimperium's report is read.
If yous practice autumn victim to such a scam, contact your wireless carrier and explain that you lot did not sign upward for this premium-SMS subscription willingly and you'd similar it cancelled. You may or may non be able to get some money back.
Localized malware
The malicious component of each corrupted app reads the IP address of the victim'southward phone and the pops up alerts tailored to their victim's geographical location. If y'all're in Greece, the alarm will be in Greek; if y'all're in the UK, it'll exist in English.
The alerts by and large tell you lot that you've won a prize and need to claim it ASAP. If y'all don't respond right away, the alerts keeping popping upwards until you do. Then y'all're taken to a website — again tailored to your language — that asks you to enter your phone number and then that you tin can be "verified" as the actual prize winner.
Don't practise this. Once you enter your phone number, you'll be secretly signed up for a premium-SMS service that charges €30 — about $35 U.S. or £26 — each and every calendar month. Zimperium estimates that victims enrolled in the scam subscription since it began may take lost as much equally $230 each.
"The victim does not immediately notice the impact of the theft, and the likelihood of it continuing for months before detection is high, with piddling to no recourse to get one's coin back."
The GriftHorse operators have managed to avert the attending of most security researchers and antivirus firms by constantly switching to new domains for their websites, and by using IP-address filters to localize those websites and alerts to the potential victim'southward country.
Source: https://www.tomsguide.com/news/grifthorse-android-malware
Posted by: marshsperwit.blogspot.com
0 Response to "Up to 10 million Android users hit by money-stealing malware — what to do"
Post a Comment