Additionally known targets of the "Godfather" malware include 94 bitcoin wallet apps and 110 cryptocurrency exchange platforms.
A new financial malware that affects banking and cryptocurrency applications is spreading quickly, and financial officials in Germany are raising the alarm.
On January 9, Germany's Federal Financial Supervisory Authority (BaFin) issued a formal statement alerting customers to "Godfather," malware that harvests user data from banking and cryptocurrency apps.
BaFin stressed that roughly 400 banking and cryptocurrency apps, including those running in Germany, are being targeted by the new virus. By showing false websites for popular banking and cryptocurrency apps, the Godfather malware targets victims and steals their login information.
The agency claims that the malware's attack vector has not yet been identified. Push notifications are a known method used by malware to obtain two-factor authentication codes. According to BaFin, "cybercriminals may be able to access consumers' accounts and wallets with this data."
The initial reports on Godfather appeared in December, and they indicated that the malware was impacting Android smartphones and aiming its attacks at people in 16 different nations. The Godfather trojan was purportedly first identified by Group-IB cybersecurity researchers in 2021, but over the last few months, the virus has seen significant activity growth and code changes.
Nearly 50% of all the apps targeted by Godfather, the majority of which are from the United States, are banking apps, according to Group-IB cybersecurity experts. Germany, along with Turkey, Spain, and Canada, is one of the nations that is most impacted. Additionally, 94 cryptocurrency wallet apps and 110 cryptocurrency trading platforms are known targets of the ransomware.
Group-IB’s #ThreatIntelligence detected more than 400 international financial companies targeted by the #Godfather #Android banking #Trojan between June 2021 and October 2022. Godfather’s predecessor is another #banking Trojan named #Anubis:https://t.co/Kf2IGvrLnk pic.twitter.com/JERnAuNfAC
— Group-IB Global (@GroupIB_GIB) December 21, 2022
One of the most common attacks on crypto applications in recent years has been cryptojacking. The cybersecurity research firm Kaspersky predicts that malware attacks will increase in 2023 as the year is likely to be characterized by the "cyber epidemics with the highest impact."