German Regulator Sounds Alarm Bells Over Crypto and Banking Malware

BaFin, Germany’s top financial regulator, warned crypto and TradFi users about a malware called “Godfather,” which is targeting around 400 crypto and banking apps. The malware steals users’ login data by displaying fake websites of legitimate banking and crypto exchange apps.

‘Godfather’ Malware Targeting 400 Crypto and Banking Apps

German financial watchdog BaFin warned consumers about a new malware known as “Godfather” targeting banking and crypto apps, the regulator said in a statement on Monday. The malware has affected roughly 400 apps and platforms, some of which are based in Germany, BaFin added.

According to the regulator, it remains unclear how exactly Godfather attacks consumers’ devices. However, it is known that it sends push notifications to consumers to obtain 2-factor authentication codes. This way, the attackers can “gain access to consumers’ accounts and wallets,” BaFin noted.

The malware also defrauds users by displaying fake websites of popular crypto and banking apps. Users who log into their accounts are directed to fake websites which are sending their login data to hackers. In addition, the malware can also steal other data like device information, SMS, and similar.

According to the cybersecurity portal PCrisk, the Godfather mimics the Google Protect tool and asks for access to the Accessibility Service. If a user provides access to the Accessibility Service, the Godfather can steal the user’s contacts and SMSs and allow it to make calls and record screens.

Further, the malware “shows fake login pages for legitimate banking and crypto exchange applications. Those phishing pages are used to steal credentials (login information like usernames, customer IDs, passwords, etc.),” PCrisk says.

Crypto Becoming Hackers’ Perfect Victim

This malware first emerged in December, when it reportedly attacked Android users across 16 countries. Cybersecurity professionals at Group-IB first warned about Godfather in 2021, though the malware has not been as active until late last year.

The reports of new attacks highlight that crypto remains one of the hackers’ favorite targets, particularly the DeFi sector. A research report by TRM Labs revealed that a record $3.7 billion worth of crypto funds were stolen in 2022 alone.

More recently, a DeFi whale lost $3.4 million in GMX tokens in a phishing attack, PeckShield and CertiK reported. Phishing attacks are similar to the Godfather malware as both try to steal login credentials through counterfeit websites.

This article originally appeared on The Tokenist

Sponsored: Tips for Investing

A financial advisor can help you understand the advantages and disadvantages of investment properties. Finding a qualified financial advisor doesn’t have to be hard. SmartAsset’s free tool matches you with up to three financial advisors who serve your area, and you can interview your advisor matches at no cost to decide which one is right for you. If you’re ready to find an advisor who can help you achieve your financial goals, get started now.

Investing in real estate can diversify your portfolio. But expanding your horizons may add additional costs. If you’re an investor looking to minimize expenses, consider checking out online brokerages. They often offer low investment fees, helping you maximize your profit.