Some 400 bank and crypto exchange apps targeted


(Image credit: Shutterstock)

Multiple cybersecurity firms have confirmed the existence of Godfather, an Android banking malware that has been found targeting victim’s bank and cryptocurrency accounts. 

Experts at Group-IB, ThreatFabric, and Cyble have all recently reported on Godfather, its targets, and methodologies, which sees the malware attempt to steal login data by overlaying legitimate banking and cryptocurrency apps (exchanges, wallets, and similar). 

The group found that Godfather has targeted more than 400 different entities, with most of them being in the US (49), Turkey (31), Spain (30), Canada (22), France (20), Germany (19), and the UK (17). 

Multiple infection vectors

What’s more, the malware analyzes the endpoint it infected, and if it determines that the device language is either Russian, Azerbaijani, Armenian, Belarusian, Kazakh, Kyrgyz, Moldovan, Uzbek, or Tajik, it shuts the whole operation down – leading some of the researchers to believe that the threat actors are of Russian origin.

The exact number of infected devices is impossible to determine, as Play Store is not the only infection vector. In fact, the malware has had a relatively limited distribution through Google’s app repository, and the main distribution channels are yet to be discovered. What we do know, courtesy of Cyble’s research, is that one of the malicious apps has more than 10 million downloads under its belt. 

But when a victim downloads the malware, they first need to give it permissions, which is why in some instances, it imitates “Google Protect” and demands access to the Accessibility Service. If the victim provides, the malware takes over SMS texts and notifications, starts recording the screen, exfiltrates contacts and call lists, and more. 

Read more

> Beware, this new Android banking malware could hijack your phone
> These fake Android antivirus apps install a dangerous banking trojan
> These are the best ID theft protection solutions around (opens in new tab)

By turning on Accessibility Service, the malware gets even harder to eliminate, too, and allows threat actors to exfiltrate Google Authentication one-time passwords, as well. 

The researchers also said that the malware has additional modules that can be added, giving it extra features such as to launch a VNC server, enable silent mode, establish a WebSocket connection, or dim the screen.

    Via: BleepingComputer (opens in new tab)

    Are you a pro? Subscribe to our newsletter

    Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

    By submitting your information you agree to the Terms & Conditions (opens in new tab) and Privacy Policy (opens in new tab) and are aged 16 or over.

    Sead Fadilpašić

    Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.


    Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

    With the DNS changed, users are redirected to malicious pages

    View more: Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

    Is the 2023 Toyota RAV4 Too Old to Keep Up?

    Today we’re putting the Toyota RAV4 in the spotlight to take a closer look at it. We know that there are tons of great things to say about it. It’s capable, spacious, and reliable. But is the 2023 Toyota RAV4 old? Is its age starting to show?  Is the 2023 ...

    View more: Is the 2023 Toyota RAV4 Too Old to Keep Up?

    The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

    Hyundai is building a reputation as an automaker that makes a lot of great cars. This is the case with the 2016 Hyundai Sonata, as Hyundai gave the car a lot of updates for that model year, and that made the car nearly flawless. Here’s a look at how the ...

    View more: The 2016 Hyundai Sonata Got ‘Nearly Everything Right’

    How to Remove Memories in Google Photos

    Open a Memory from the Google Photos app and tap the three-dot menu icon. Then select “Hide” and choose “Remove This Memory.” Google Photos resurfaces old photos and videos in an aptly named feature called “Memories.” However, not all memories are good memories, and you may not want to ...

    View more: How to Remove Memories in Google Photos

    The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

    Hyundai has some excellent SUVs in its lineup right now, all of which are reasonably priced to fit many budgets. The sport utility vehicles below come with Hyundai’s five-year/60,000-mile comprehensive coverage and 10 years/100,000 miles on key powertrain components. Here are three of the best Hyundai SUVs for 2023, packed ...

    View more: The Best Hyundai SUVs for 2023: Midsize, Compact, and Crossover

    Refreshed Mercedes CLA Gets Mild-Hybrid Technology

    Both the ’24 Mercedes-Benz CLA and Mercedes-AMG CLA receive 48V electrical systems providing additional low-end horsepower.

    View more: Refreshed Mercedes CLA Gets Mild-Hybrid Technology

    Best Ways To Fix Slow Internet During VPN On Windows 11

    Is your VPN slowing down your Internet connection on Windows 11? You’re not alone – many users experience the same issue. Having slow Internet while using a VPN can be incredibly frustrating, especially in the middle of a big project. Whether working from home or just trying to stream your ...

    View more: Best Ways To Fix Slow Internet During VPN On Windows 11

    Best free sports streaming apps in 2023

    Cutting the cord on cable television is something tons of people have done over the past five years. But that hasn’t proven to be the smartest way to continue to watch sports. Whether it comes from premium sports website subscriptions to keep tabs on your favorite players, or even fantasy ...

    View more: Best free sports streaming apps in 2023

    New software for millions of BMW vehicles with the latest software upgrade

    After six months, the Galaxy A41 gets a new security update

    9 Best Fix: Windows Won’t Recognize Android Device

    Which Is a Better Used Sedan: the 2020 Chevrolet Impala or the 2020 Nissan Maxima?

    Galaxy Tab S6 Lite Wi-Fi gets One UI 5.0 as its last major update

    2023 Alfa Romeo Tonale PHEV: full pricing and specs revealed

    8 Best Smart Home Automation Apps for Android and iOS

    4 Reasons to Avoid the 2023 Nissan Maxima

    One UI 5.0 feature focus: Create home screen widget stacks

    Will 5G Make Me Use More Cellular Data?

    No Sound on Windows 11? Here Are 6 Ways How to Fix It!

    2024 Alfa Romeo Tonale Gets Reasonable Starting Price


    Top Car News Car News