Germany-based financial authority BaFin has announced that cryptocurrency and banking apps are in the sights of cybercriminals who use the GodFather malware on Android OS.
So far, according to BaFin, there are more than 400 banking and crypto apps hacked by GodFather. The apps in question operate in 16 countries, including Germany. Out of the 400 targets, 200 are banking apps, 100 are cryptocurrency exchanges, and 94 are cryptocurrency wallets.
BaFin’s warning is the latest announcement in a spree of GodFather threats. Similar to the Android-based trojan Gustuff, GodFather aims at crypto and banking applications. Victims are tricked by fake crypto and banking websites through which the hackers can leverage the piece of malware to appropriate the victims’ login data.
GodFather can also be used to hack into smartphones and steal the victim’s text messages. Basically, GodFather allows hackers to go beyond the two-factor verification process. According to various experts on security, this piece of malware can copy the Google Protect service which allows GodFather to penetrate the victim’s Accessibility phone settings. The malware can record the user’s keystrokes by accessing the smartphone’s screen capture settings.
Users of the Android OS should carefully review apps prior to installing them to avoid malware. Also, Android phones should have Google Play Protect turned on. According to BaFin, there is not a clear indication of how the malware enters the victims’ smartphones. Having said that, most cybersecurity experts would argue that such malware is usually distributed via apps found on Google Play, apps which are infested with trojans. Usually, the fake apps mimic legitimate apps.