Researchers say the infections are generating millions of dollars a month in recurring revenue.
An Android Trojan has now achieved a victim count of over 10 million in at least 70 countries.
According to Zimperium zLabs, the new malware has been embedded in at least 200 malicious applications, many of which have managed to circumvent the protections offered by the Google Play Store, the official repository for Android apps.
The researchers say that the operators behind the Trojan have managed to infect so many devices that a stable cash flow of illicit funds, "generating millions in recurring revenue each month," has been established.
Believed to have been in operation since November 2020, the "GriftHorse" campaign relies on victims being duped into handing over their phone number, which is then used to subscribe them to premium SMS messaging services.
Victims first download Android apps that appear innocent and legitimate. These apps vary from puzzle games and utilities to dating software, food and drink, with the most popular malicious app -- a translator -- accounting for at least 500,000 downloads.