A group of experts from the computer security company Zimperium zLabs has discovered a malicious program contained in some Google Play applications.
According to professionals, this program has already infected more than 10 million Android devices in more than 70 countries.
Research reveals that apps infected by the GriftHorse malware act like a Trojan that subscribes users to paid services without their realizing it.
According to the researchers, if a person installs an infected app, GriftHorse starts filling the phone with reward notifications.
If the person clicks on one of these ads, they are directed to a page where they are asked to confirm their phone number to access the prize.
However, doing so activates a premium SMS service worth more than $ 30 per month.
Those behind these attacks would have used more than 200 malicious applications of different kinds. The researchers also point out that they would have started operating in November 2020, while their last update dates back to April this year.
“While typical premium service scams take advantage of phishing techniques, this specific global scam has hidden behind malicious Android apps that act like Trojans, allowing it to take advantage of user interactions to increase spread and infection.” said the security company in a statement.
The company has also published a list of applications that contain the Android GriftHorse Trojan, which can be reviewed at this link.