Financial authorities in Germany are raising the alarm amid the rapid spread of a new financial malware affecting banking and cryptocurrency applications.
Germany’s Federal Financial Supervisory Authority (BaFin) released an official statement on Jan. 9, warning consumers of “Godfather,” a malware collecting user data in banking and crypto apps.
BaFin emphasized that the new virus is targeting about 400 banking and crypto apps, including those operating in Germany. Godfather malware attacks users by displaying fake websites of regular banking and crypto apps, stealing their login data.
According to the regulator, it is yet to be determined how the malware attacks users’ devices. The malware is known to send push notifications to get the codes for two-factor authentication. “With this data, the cyber criminals may be able to gain access to consumers' accounts and wallets,” BaFin noted.
The first warnings on Godfather surfaced in December, with reports suggesting that the malware was affecting Android devices, targeting users in 16 countries. Cybersecurity experts from Group-IB reportedly initially discovered the Godfather trojan in 2021, but the malware has undergone massive code upgrades and improvements and has seen a big spike in activity over the past few months.
According to Group-IB cybersecurity experts, almost 50% of all apps targeted by Godfather are banking apps, with most of them coming from the United States. Germany is also among the most affected countries, alongside Turkey, Spain and Canada. The malware is also known to target 110 cryptocurrency exchange platforms and 94 cryptocurrency wallet apps.
Cryptojacking has emerged as one of the biggest types of attacks on crypto apps in recent years. According to forecasts from the cybersecurity lab Kaspersky, 2023 will see even more malware attacks as the year will likely be marked by the “cyber epidemics with the biggest impact.”