Up to 10 million Android users hit by money-stealing malware — what to do
Upwardly to ten million Android users hit by money-stealing malware — what to do
A new Android malware campaign has been using corrupted apps to secretly enroll up to x million unsuspecting victims into paid-SMS subscriptions that can cost up to $35 per month, reports security firm Zimperium in a weblog post today (Sept. 29).
There are more than than 200 of these infected apps, by and large consisting of utility and entertainment apps, and victims accept been found in seventy countries worldwide, including the U.S., the rest of North America and most of Europe.
- Amazon Astro called 'privacy nightmare' and 'terrible' — here's why
- The best Android antivirus apps
- Plus: Why millions of iPhones, TVs, other devices could go offline this calendar week
Several dozen infected apps were found in the official Google Play shop and kicked out after Zimperium notified Google of their being, merely many more apps can still exist found on 3rd-political party app stores.
"These malicious Android applications appear harmless when looking at the store description and requested permissions, but this imitation sense of confidence changes when users get charged month over month for the premium service they get subscribed to without their noesis and consent," says researcher Aazim Yaswant in the Zimperium report.
Zimperium calls the malware campaign "GriftHorse" and says it has been running since November 2020.
How to protect yourself from GriftHorse
To protect yourself from GriftHorse and similar Android malware campaigns, make sure y'all install apps only from the official Google Play shop. In the virtually recent versions of Android, this means not assuasive any apps to "install unknown apps."
Y'all'll also want to install and use one of the best Android antivirus apps. At the time of this writing, few of the GriftHorse-infected apps were recognized as malicious by near malware-detection engines, but that will change over the course of the day as Zimperium's study is read.
If yous do fall victim to such a scam, contact your wireless carrier and explain that you did not sign up for this premium-SMS subscription willingly and you'd like it cancelled. Yous may or may not exist able to get some coin back.
Localized malware
The malicious component of each corrupted app reads the IP address of the victim'south phone and the pops up alerts tailored to their victim's geographical location. If you're in Greece, the alert will be in Greek; if you're in the U.k., it'll exist in English.
The alerts generally tell you that y'all've won a prize and need to merits information technology ASAP. If you don't respond right away, the alerts keeping popping up until you do. And then you're taken to a website — again tailored to your linguistic communication — that asks y'all to enter your phone number so that you tin be "verified" equally the bodily prize winner.
Don't do this. Once you enter your phone number, you'll be secretly signed up for a premium-SMS service that charges €thirty — about $35 U.Due south. or £26 — each and every month. Zimperium estimates that victims enrolled in the scam subscription since it began may have lost as much equally $230 each.
"The victim does non immediately notice the impact of the theft, and the likelihood of information technology standing for months earlier detection is loftier, with lilliputian to no recourse to become 1's money back."
The GriftHorse operators accept managed to avert the attending of nigh security researchers and antivirus firms by constantly switching to new domains for their websites, and by using IP-address filters to localize those websites and alerts to the potential victim's country.
Source: https://www.tomsguide.com/news/grifthorse-android-malware
Posted by: sawyerthicale.blogspot.com
0 Response to "Up to 10 million Android users hit by money-stealing malware — what to do"
Post a Comment