German authorities warn of godfather banks and crypto virus
German financial authorities have issued an alert due to the rapid spread of a new economic virus affecting banking apps and cryptocurrencies.
Germany’s Federal Financial Supervisory Authority (BaFin) has issued an official statement warning customers about “The Godfather,” a spyware that collects user data in banking and cryptocurrency applications.
The “Godfather” virus has also been linked to the hacking of 110 bitcoin trading websites and 94 cryptocurrency wallet apps.
Push notifications are used to bypass two-factor authentication
According to BaFin, the new malware targets around 400 banking and cryptocurrency apps, including those based in Germany. The Godfather virus infects users by showing fake websites of popular banking and cryptocurrency apps and stealing their login information.
According to the authority, it was not specified how the virus attacked users’ devices. The virus is known to send push notifications to obtain two-factor authentication credentials. With this information, cyberthieves may gain access to customers’ accounts and wallets.
Group-IB cites the same problem
The first Godfather warnings came out in December, when reports claimed that the virus was infecting Android smartphones and targeting consumers in 16 countries. Group-IB cybersecurity specialists allegedly identified the Godfather Trojan in 2021.
In a comprehensive research, Group-IB outlined how hackers could use the Godfather virus to steal login credentials for online banking and other financial services, allowing them to empty victims’ accounts.
Of the 400 victims, Group-IB also indicated that financial institutions in the UK were the most affected, with attacks having occurred in the past three months.
However, the virus has undergone significant code modifications and improvements and has seen a significant increase in activity in recent months.
Group-IB: The United States, Germany and Spain are among the countries most affected by the virus
According to Grup-IB’s cybersecurity specialists, about half of all apps targeting the godfather are banking apps, with most originating in the US, Germany, Turkey, Spain and Canada. The virus is also known to target 110 cryptocurrency exchange websites and 94 cryptocurrency wallet apps.
Cryptojacking has developed as one of the most popular crypto application attacks in recent years. According to Kaspersky estimates, 2023 will see an increase in malware attacks as the year is likely to be marked by “cyber-epidemics with the greatest impact”.