What is GriftHorse?
IT experts have discovered GriftHorse, malware that targets Android. It has been active since November 2020 and subscribes its victims to paid SMS services. It has already infected more than 10 million devices in 70 countries around the world, and GriftHorse operators are believed to “earn” from 1.5 to 4 million dollars a month. The versions of GriftHorse that experts observed were distributed through the official Google Play app store and third-party application catalogs, usually masquerading as harmless applications. Once a user installs such an application, GriftHorse starts showering them with pop-ups and notifications that offer various prizes and special offers. If the victim clicks on one of these notifications, they are redirected to a page that asks them to confirm their phone number, ostensibly to gain access to the offer. In fact, this subscribes the user to paid SMS services, which sometimes cost more than 30 euros per month. This money ends up in the pockets of the GriftHorse operators. Today we will look at some examples of how to remove GriftHorse from Android.
What should I do to avoid getting infected with the GriftHorse virus?
As the number of mobile device users has grown, so has the number of viruses. Earlier, the most dangerous threats were Trojans that changed settings and infected other files (for example, Skulls for Symbian); modern malware can stop the device from turning on at all by deleting information the OS needs. To avoid similar situations in the future:
- Prohibit installations from third-party sources in the settings. You will still be able to download games, movies, music, books and programs from the Play Market store, where files are checked both manually and automatically;
- Install an antivirus. Do not overdo this point: one such application is enough, and running several at the same time will slow the device down;
- Check the permissions of the installed software and clear the “Change system settings” checkbox for services that do not belong to reliable publishers, such as Google.
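To check the first point on a device that is already in use, the following added example (not part of the original article) lists installed third-party apps that did not come from Google Play. It assumes the input is the text printed by `adb shell pm list packages -3 -i`; the sample output and its package names are constructed for illustration.

```python
import re

# Assumption: input is the text printed by `adb shell pm list packages -3 -i`
# (-3 = third-party apps only, -i = show the installer of each package).
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)(?:\s+installer=(?P<inst>\S+))?\s*$")

# Assumption: only Google Play counts as a trusted installer here.
TRUSTED_INSTALLERS = frozenset({"com.android.vending"})

# Constructed sample output; package names are made up for illustration.
SAMPLE_OUTPUT = """\
package:com.example.notes  installer=com.android.vending
package:com.example.freeprizes  installer=null
package:com.example.scanner  installer=com.example.thirdpartystore
package:com.example.legacy
"""


def parse_pm_list(text):
    """Return (package, installer) pairs; installer is None when unknown."""
    entries = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank lines and adb warnings
        installer = match.group("inst")
        if installer in (None, "null"):
            installer = None  # sideloaded or installer not recorded
        entries.append((match.group("pkg"), installer))
    return entries


def untrusted_installs(text, trusted=TRUSTED_INSTALLERS):
    """List packages whose installer is missing or not in the trusted set."""
    return [(pkg, inst) for pkg, inst in parse_pm_list(text) if inst not in trusted]


if __name__ == "__main__":
    for pkg, inst in untrusted_installs(SAMPLE_OUTPUT):
        print(f"review: {pkg} (installer: {inst or 'unknown'})")
```

An app that passes this check is not cleared by it, since GriftHorse was also distributed through Google Play; the permission review in the last point still applies to every app.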
Reset to Factory Settings
Removing the application from the device will not be so easy. The device has to be reset to factory settings. Keep in mind that this will erase personal data, so make a backup before performing the procedure.
- Start your device in Recovery Mode using the previous instructions;
- Select the “Factory Reset” option. A notification will appear warning that the changes cannot be reversed;
- After the process completes, restart the phone by clicking “Reboot”.