German regulator warns of new banking and crypto malware ‘Godfather’

Financial authorities in Germany are raising the alarm amid the rapid spread of a new financial malware affecting banking and cryptocurrency applications.

Germany’s Federal Financial Supervisory Authority (BaFin) released an official statement on Jan. 9, warning consumers of “Godfather,” a malware collecting user data in banking and crypto apps.

BaFin emphasized that the new virus is targeting about 400 banking and crypto apps, including those operating in Germany. Godfather malware attacks users by displaying fake websites of regular banking and crypto apps, stealing their login data.

According to the regulator, it is yet to be determined how the malware attacks users’ devices. The malware is known to send push notifications to get the codes for two-factor authentication. “With this data, the cyber criminals may be able to gain access to consumers' accounts and wallets,” BaFin noted.

The first warnings on Godfather surfaced in December, with reports suggesting that the malware was affecting Android devices, targeting users in 16 countries. Cybersecurity experts from Group-IB reportedly initially discovered the Godfather trojan in 2021, but the malware has undergone massive code upgrades and improvements and has seen a big spike in activity over the past few months.

Related: Nifty News: Fake Pokémon NFT game spreads malware, ‘Jai Ho’ singer to launch metaverse and more

According to Group-IB cybersecurity experts, almost 50% of all apps targeted by Godfather are banking apps, with most of them coming from the United States. Germany is also among the most affected countries, alongside Turkey, Spain and Canada. The malware is also known to target 110 cryptocurrency exchange platforms and 94 cryptocurrency wallet apps.

Group-IB’s #ThreatIntelligence detected more than 400 international financial companies targeted by the #Godfather #Android banking #Trojan between June 2021 and October 2022. Godfather’s predecessor is another #banking Trojan named #Anubis:https://t.co/Kf2IGvrLnk pic.twitter.com/JERnAuNfAC

— Group-IB Global (@GroupIB_GIB) December 21, 2022

Cryptojacking has emerged as one of the biggest types of attacks on crypto apps in recent years. According to forecasts from the cybersecurity lab Kaspersky, 2023 will see even more malware attacks as the year will likely be marked by the “cyber epidemics with the biggest impact.”

40 German Banks Seek Regulator’s Green Light to Offer Bitcoin Custody   Feb. 11, 2020
Germany: New Proposed Law Would Legalize Banks Holding Bitcoin   Nov. 29, 2019
What the SEC can learn from the German regulator   Aug. 12, 2021
Indian Banks Act Slow to Accept Crypto Industry Despite RBI’s Approval   June 27, 2020
Germany outlines favorable tax guidelines, gains on BTC and ETH sold after a year tax-free   May 12, 2022