This dangerous mobile Trojan has stolen a fortune from over 10 million victims


Level 37
Thread author
Top Poster
Feb 4, 2016
Researchers say the infections are generating millions of dollars a month in recurring revenue.

An Android Trojan has now achieved a victim count of over 10 million in at least 70 countries.

According to Zimperium zLabs, the new malware has been embedded in at least 200 malicious applications, many of which have managed to circumvent the protections offered by the Google Play Store, the official repository for Android apps.

The researchers say that the operators behind the Trojan have managed to infect so many devices that a stable cash flow of illicit funds, "generating millions in recurring revenue each month," has been established.

Believed to have been in operation since November 2020, the "GriftHorse" campaign relies on victims being duped into handing over their phone number, which is then used to subscribe them to premium SMS messaging services.

Victims first download Android apps that appear innocent and legitimate. These apps vary from puzzle games and utilities to dating software, food and drink, with the most popular malicious app -- a translator -- accounting for at least 500,000 downloads.


Level 18
Top Poster
May 4, 2019
Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators on a monthly basis.

Discovered by mobile security firm Zimperium, the new GriftHorse malware has been distributed via benign-looking apps uploaded on the official Google Play Store and on third-party Android app stores.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.