Financial regulators in Germany are expressing concerns about the rapid proliferation of a new type of financial malware that is impacting both banking and cryptocurrency applications.
The Federal Financial Supervisory Authority (BaFin) of Germany issued an official warning on January 9 regarding a malware known as “Godfather” that is specifically designed to gather user data from banking and cryptocurrency apps.
BaFin highlighted that this new malware is targeting approximately 400 banking and cryptocurrency apps, including those that are active in Germany. The Godfather malware operates by setting up fake websites that mimic legitimate banking and cryptocurrency apps to trick users into disclosing their login information.
The regulatory body mentioned that the exact method by which the malware infects users’ devices is still under investigation. However, it is known that the malware sends fake notifications to prompt users to provide authentication codes, which are then used by cybercriminals to gain unauthorized access to users’ accounts and digital wallets.
Initial reports about the Godfather malware emerged in December, with indications that it primarily affects Android devices and has been detected in 16 different countries. Cybersecurity specialists from Group-IB reportedly first discovered the Godfather trojan in 2021. Since then, the malware has undergone significant code enhancements and has shown a notable increase in malicious activities over the past few months.
Experts at Group-IB have identified that nearly half of the targeted apps by Godfather are banking applications, with a majority of them originating from the United States. Germany, along with Turkey, Spain, and Canada, are among the most impacted countries. Additionally, the malware is also reported to be targeting 110 cryptocurrency exchange platforms and 94 cryptocurrency wallet applications.
Cryptojacking, a type of attack that covertly mines cryptocurrency using the resources of an infected device, has become increasingly prevalent in recent years. Kaspersky, a cybersecurity research firm, predicts that 2023 will witness a surge in malware attacks, potentially leading to significant cyber threats.
Image Source: Rabanser / Shutterstock