GodFather Android Malware Is After Your Bank Details

Forum Moderators: open

Message Too Old, No Replies

GodFather Android Malware Is After Your Bank Details

engine

3:57 pm on Dec 22, 2022 (gmt 0)

There's an Android banking malware called GodFather that's after your banking details and crypto exchange apps logins. The GodFather malware has been around for a while, but it seems it's been honed and has gained effectiveness.

The malware generates login screens overlaid on top of the banking and crypto exchange apps' login forms when victims attempt to log in to the site, tricking the user into entering their credentials on well-crafted HTML phishing pages.

Almost half of all apps targeted by Godfather, 215, are banking apps, and most of them are in the United States (49), Turkey (31), Spain (30), Canada (22), France (20), Germany (19), and the UK (17).

[bleepingcomputer.com...]

Sgt_Kickaxe

7:57 pm on Dec 22, 2022 (gmt 0)

This is goiing to be scary stuff if/when all currency becomes digital only. [whitehouse.gov...]

Malware is all the more reason to appreciate cash in your pocket and being able to lock your accounts from online access.

nickZ

1:31 pm on Jan 21, 2023 (gmt 0)

In Tomshardware a nice article about that exploit saying:

Surprisingly, Group-IB found a line in Godfather’s code that prevents the malware from targeting users in Russia as well as users from former Soviet Union countries which suggests its creators speak Russian. Once installed on an Android phone, the malware checks to see if the system language is Russian, Azerbaijani, Armenian, Belarusian, Kazakh, Kyrgyz, Moldovan, Uzbek, or Tajik. If it is, Godfather shuts down and doesn’t try to steal any banking or crypto accounts stored on the device.

Sgt_Kickaxe

2:41 pm on Jan 21, 2023 (gmt 0)

About the IB-Group who discovered this, the founder is Ilya Sachkov [group-ib.com...]

As it says on his company bio page...

He is a Member of Young President Organisation (YPO) — global network of young chief executives. He takes part in the work of the World Economic Forum’s Centre for Cybersecurity.

He works at the WEF. If you followed the 2023 WEF presentations, cyberattacks are a top concern for the WEF. You can find each individual talk in several places, including linked from the WEF site. Have a listen.