Germany’s financial authorities have issued an alert due to the fast spread of a new economic virus that affects banking and cryptocurrency apps.
Germany’s Federal Financial Supervisory Authority (BaFin) issued an official statement alerting customers about “Godfather,” a spyware that collects user data in banking and cryptocurrency applications.
The “Godfather” virus has also been linked to the compromise of 110 bitcoin trading sites and 94 cryptocurrency wallet applications.
Push notifications are being used to bypass two-factor authentication
According to BaFin, the new malware targets about 400 banking and cryptocurrency applications, including those in Germany. Godfather virus infects users by showing phony websites of popular banking and cryptocurrency applications and stealing their login information.
It is yet to be identified how the virus assaults users’ devices, according to the authority. The virus is known to send push notifications to get two-factor authentication credentials. With this information, cyber thieves may access customers’ accounts and wallets.
Group-IB cites the same issue
The first Godfather warnings appeared in December, with reports claiming that the virus was infecting Android smartphones and targeted consumers in 16 countries. Group-IB cybersecurity specialists purportedly identified the Godfather trojan in 2021.
In thorough research, Group-IB illustrated how hackers might use the Godfather virus to steal login credentials for online banking and other financial services, allowing them to empty victims’ accounts.
Among the 400 victims, Group-IB also cited that financial institutions in the United Kingdom had been the worst impacted, with assaults happening in the previous three months.
Still, the virus has undergone substantial code modifications and enhancements and has experienced a significant increase in activity in recent months.
Group-IB: US, Germany, and Spain are among the most infested with the virus
According to Grup-IB cybersecurity specialists, about half of all Godfather-targeted applications are banking apps, with the majority originating in the United States, Germany, Turkey, Spain, and Canada. It is also known that the virus targets 110 bitcoin exchange sites and 94 cryptocurrency wallet applications.
Cryptojacking has developed as one of the most common crypto app assaults in recent years. According to Kaspersky’s estimates, 2023 will witness an increase in malware assaults as the year will likely be distinguished by “cyber epidemics with the greatest effect.”
