Skip links

In This Article:

Take control of your digital security

The Godfather Malware Strikes Again: Protect Your Android Devices from this Sophisticated Threat

Shares This:
Reading Time: 2 minutes

What is it?

Android malware, which was targeting banking users worldwide since March, the malware has reappeared and is using more advanced ways to hide itself as legitimate app on Google store.

Godfather, A banking Trojan that is specifically designed to target the online banking systems and financial information of individuals and organizations. It is called a Trojan because it typically disguises itself as a legitimate piece of software or application and is able to infiltrate a victim’s device by tricking the user into installing it. Once it is installed, the Trojan can collect sensitive information such as login credentials, account numbers, and financial transactions, and send this information to the attacker. It can also take control of the victim’s device and perform actions such as transferring money or making purchases without the victim’s knowledge or consent.

This is how the malware operates:

  1. Victim installs the malicious app on their device.
  2. The app asks for various permissions, such as access to contacts, SMS messages, call functions, and the device’s file system.
  3. Once the user grants these permissions, the app infects the device.
  4. The malware can then potentially steal sensitive data, such as SMS messages from banks, device information such as make, model and Android version, and details about apps installed on victim’s device and send this data to the cybercriminal.
  5. The cybercriminal may potentially redirect incoming calls to a phone number of their choosing.
  6. The cybercriminal may potentially be able to control the device remotely in order to carry out various banking transactions and make calls without the user’s knowledge

Who does it apply to?

Currently, this banking Trojan app is targeting users in Turkey and Europe.

What should you do about it?

  • The general advice is to install apps from authorised play stores like google play store, however despite efforts from Google, such malicious apps can still be downloaded from Google.
  • If you believe that you have accidentally installed a malicious or suspicious app on your device, it is important to uninstall it as soon as possible. This will help to protect your device and personal information from any potential harm caused by the app
  • Do a complete device scan for malware or any suspicious activity
  • If you believe you are being harassed or targeted by cybercriminals, it is important to report this to your local authorities
  • To protect your privacy and security, it is generally recommended to only grant app permissions that are needed “only while using the app,” rather than granting “always” permissions. This includes permissions for the camera, microphone, file manager, photos, and any other app permissions that may be requested. By limiting app permissions to the minimum required, you can help to reduce the risk of unauthorized access to your device or personal information.
  • This goes to prove that securing all aspects of digital is extremely important. To take control of your digital security, consider signing up for Demysti5’s improve plan

Sources

https://blog.cyble.com/2022/12/20/godfather-malware-returns-targeting-banking-users/

https://www.darkreading.com/attacks-breaches/godfather-banking-trojan-masquerades-legitimate-google-play-app

Sign Up to improve your Digital Security Now!

Shares This:

Leave a comment

Related Articles