Zumperium zLabs discovered a mobile premium services theft campaign targeting approximately 10 million people worldwide, & the total amount stolen could be well over a hundred million euros. This particular global scam takes advantage of user interactions by hiding behind malicious Android applications as Trojans, as opposed to using phishing techniques.
As opposed to using phishing techniques, this particular global scam involves malicious Android apps hidden behind Trojans, rather than attacking users directly. It appears the threat group has been running this Android Trojan campaign since November 2020, based on evidence from forensic analysis of the Android Trojan, which zumperium zLabs has called “GriftHorse”.
Initially, these malicious applications were distributed both on Google Play & through 3rd-party application stores. Google verified the provided data & removed the malicious apps from its Play store after Zumperium zLabs reported the findings to it. Yet, malicious applications can still be downloaded from unsecure 3rd-party app repositories, highlighting the need for enhanced device security for sideloading applications.
Click here to read more on this threat.
