Germany’s Federal Financial Supervisory
Authority (BaFin) has urged consumers to beware of ‘Godfather’, a trojan virus
that attacks Android-based banking and cryptocurrency apps. The regulatory
authority announced on Monday that the trojan virus currently
“records user input from banking and crypto apps.”
BaFin in a statement noted that the
malware has attacked about 400 banking and crypto apps from around the world including Germany.
“How exactly the software gets onto the
infected end devices of consumers is unclear. Godfather is known to display
fake websites of regular banking and crypto apps. When consumers log in via
these websites, their login details are transmitted to the cyber criminals,” Bafin explained in the statement.
Furthermore, the German regulator explained that the
malware sends push notifications to unsuspecting users in order to get the codes for the two-factor authentication security system. “With this data, the cyber
criminals may be able to access consumers’ accounts and wallets,” BaFin added.
Watch the FMLS22 session on how security in the fintech industry is being disrupted.
Meanwhile, Group-IB, a cybersecurity services
provider, recently
warned users to exercise
extreme caution when using these apps.
According to the cybersecurity firm,
the United States, Turkey and Spain account for the highest number of trojan or ‘Godfather’ malware activities. Canada, France, Germany and the UK
are also hotbeds for the trojan, Group-IB said.
Additionally, the cybersecurity firm noted the ‘Godfather’ malware attacked users in 16 countries last year. These attacks affected 215 banking apps, 94 crypto wallets and
110 cryptocurrency exchange platforms.
Moreover, Group-IB in its report said the ‘Godfather’ malware code has an interesting functionality that
prevents it from attacking users located in Russian-speaking and former Soviet Union countries. This suggests that the creators
of the virus are from Russia or one of the former Soviet states, the cybersecurity firm said.
“The emergence of Godfather underscores
the ability of threat actors to edit and update their tools to maintain their
effectiveness in spite of efforts by malware detection and prevention providers
to update their products,” Artem Grischenko, a Junior Malware Analyst at
Group-IB, noted.
Germany’s Federal Financial Supervisory
Authority (BaFin) has urged consumers to beware of ‘Godfather’, a trojan virus
that attacks Android-based banking and cryptocurrency apps. The regulatory
authority announced on Monday that the trojan virus currently
“records user input from banking and crypto apps.”
BaFin in a statement noted that the
malware has attacked about 400 banking and crypto apps from around the world including Germany.
“How exactly the software gets onto the
infected end devices of consumers is unclear. Godfather is known to display
fake websites of regular banking and crypto apps. When consumers log in via
these websites, their login details are transmitted to the cyber criminals,” Bafin explained in the statement.
Furthermore, the German regulator explained that the
malware sends push notifications to unsuspecting users in order to get the codes for the two-factor authentication security system. “With this data, the cyber
criminals may be able to access consumers’ accounts and wallets,” BaFin added.
Watch the FMLS22 session on how security in the fintech industry is being disrupted.
Meanwhile, Group-IB, a cybersecurity services
provider, recently
warned users to exercise
extreme caution when using these apps.
According to the cybersecurity firm,
the United States, Turkey and Spain account for the highest number of trojan or ‘Godfather’ malware activities. Canada, France, Germany and the UK
are also hotbeds for the trojan, Group-IB said.
Additionally, the cybersecurity firm noted the ‘Godfather’ malware attacked users in 16 countries last year. These attacks affected 215 banking apps, 94 crypto wallets and
110 cryptocurrency exchange platforms.
Moreover, Group-IB in its report said the ‘Godfather’ malware code has an interesting functionality that
prevents it from attacking users located in Russian-speaking and former Soviet Union countries. This suggests that the creators
of the virus are from Russia or one of the former Soviet states, the cybersecurity firm said.
“The emergence of Godfather underscores
the ability of threat actors to edit and update their tools to maintain their
effectiveness in spite of efforts by malware detection and prevention providers
to update their products,” Artem Grischenko, a Junior Malware Analyst at
Group-IB, noted.