Affiliate links on Android Authority may earn us a commission.Learn more.

Check your apps: Android Trojan secretly signs you up for subscription payments

August 17, 2025

One of the most effective ways to “hack” someone isn’t to steal their information or take over their device. Social engineering is one of the easiest and sometimes most efficient ways to get people to do something for you.

See also:The best security apps for Android that aren’t anti-virus apps

Google Play Store 2021 0

A new Android Trojan known as “GriftHorse” did just that (viaZimperium). It tricks people into unwittingly subscribing to a recurring payment. If left unchecked, it could have potentially stolen hundreds of dollars from victims so far.

The Trojan is confirmed to have been found in over 100 Android apps. These apps appeared on the Google Play Store as well as multiple third-party platforms. Google has confirmed that the infected apps are already gone from the Play Store, but third-party platforms could still host them. Likewise, these apps could still be on your phone if you downloaded one.

GriftHorse Screenshot

See below for how GriftHorse works and the apps you should uninstall.

What GriftHorse looks like

Above, you can see a screenshot of the “hook” to the GriftHorse Trojan. The free gift promoted by that notification takes you to a website that asks for your phone number. Ostensibly, entering your phone number is to verify your identity so you can claim the prize.

However, unbeknownst to victims, entering your phone number really signs you up for a recurring subscription fee for a bogus service. The monthly fee (which lands in different currencies depending on the user’s location) amounts to about $36 each month.

This charge doesn’t need a credit card. Instead, it’s an SMS-based subscription service, so your carrier gets the charges and passes them onto you through your monthly bill. If you don’t check your bill regularly, this charge could have happened multiple times.

GriftHorse is thought to have been active since November 2020. Ostensibly, that means victims could have lost up to $400 if they were one of the first infections. Judging from the scale of this Trojan, the criminals behind it likely have already made millions of dollars.

you may see a full rundown of how GriftHorse works in very technical detailhere. For everyone else, be sure to uninstall any of the apps below.

Apps you should uninstall

Thank you for being part of our community. Read ourComment Policybefore posting.