Users in 16 countries have been targeted by this malicious virus, which has also made attempts to steal account information from more than 400 financial institutions and bitcoin trading sites.
Dangerous android malware that is capable of stealing money from bank accounts – The so-called “Godfather” software may steal money from cryptocurrency exchange platforms as well as bank accounts.
Godfather virus was discovered by ThreatFabric for the very first time in March of 2021. On the other hand, during a time during which they were not seen, they have evolved to become substantially more hazardous.
Godfather malware aims its attention at a total of 215 banking applications, 110 bitcoin trading platforms, and 94 electronic wallet applications, and most of them are in the United States (49), Turkey (31), Spain (30), Canada (22), France (20), Germany (19), and the UK (17).
Recently, multiple instances of GodFather Android apps masquerading as MYT apps have been discovered. The application’s name is MYT Müzik, which is written in Turkish.
These malicious applications seem to be legitimate software in order to trick users into giving them access to accessibility services. When the victim agrees to the request, the virus will then be able to grant itself all of the rights it need in order to carry out the destructive conduct.
These malicious programs specifically access text messages and notifications, record the screen and contacts, make phone calls, write to external storage, and examine the state of the device.
According to Cybersecurity, in order to steal sensitive information from the users’ devices, the malware uses the below commands:
- startUSSD
- sentSMS
- startApp
- startforward
- killbot
- send_all_permission
- vnc_open
- keylog_active
- unlock_screen
- sunset
- startscreen
How To Prevent Malware Infection:
- The only official app stores should be used for the download and installation of software.
- Make sure that all of your connected devices are protected by a reputable anti-virus and internet security program.
- Whenever possible, make sure that strong passwords are used and that multi-factor authentication is enforced.
- Make sure that the biometric security features are enabled.
- If you receive any links via SMS or email that are delivered to your phone, make sure that you do not open them without validating their authenticity.
- If your Android device is protected by Google Play Protect, ensure that it is enabled.
- Whenever you enable any permission, make sure you do so with caution.
Make sure that the operating system, applications, and devices on your computer are up-to-date. - Ensure that applications installed on mobile devices are in compliance with the amount of mobile/Wi-Fi data they use on a regular basis.
- Ensure that you stay on top of anti-virus notifications and Android OS alerts and take appropriate action when needed.
- Ensure that the Wi-Fi/Mobile data is turned off when they are not in use.
- You should make a backup of all the media files that you own.
- You should report any fraudulent transactions as soon as possible to your bank in case there is a problem.
- In order to prevent malware attacks in the future, banks and other financial institutions need to educate their customers on how to protect themselves via telephone, SMS, or email.
- Google Play Protect checks Android devices with Google Play Services for potentially harmful apps from other sources. Users are protected by Google Play Protect, which blocks these identified malicious apps on Android devices.
