Home » How you can avoid having your bank account wiped out by an Android banking Trojan

How you can avoid having your bank account wiped out by an Android banking Trojan

by admin

The Godfather Android banking Trojan has some deals that you should decline. Trojans are malicious apps that pretend to be legitimate. Until it receives instructions from a Command & Control (C&C) server, it may actually perform the tasks that led to the installation in the first place. Banking Trojans track the information and data you use to sign in to banking apps, grab that information and break into your bank accounts, causing a lot of headaches.

The Godfather banking Trojan targets over 400 banking and cryptocurrency apps in 16 countries

According to a cybersecurity firm Group IB (via hacker news), the Godfather Banking Trojan targets over 400 banking and cryptocurrency apps in 16 countries. Between June 2021 and October 2022, when the banking Trojan Godfather was active, half of the apps targeted were banking apps, with the rest being cryptocurrency wallets and exchanges. was included. 49 of the targets were American companies, 31 were Turkish companies, and 30 were Spanish companies. Financial services companies in Canada, France, Germany, the UK, Italy and Poland were also affected.

When an Android user interacts with a fake notification or tries to open a legitimate app targeted by a Trojan horse, a fake overlay appears on the screen, revealing the username and password entered by the victim on their mobile phone. Collected. Victims are tricked by the overlay into thinking they need this information to open an infected banking or financial services app. Godfather can also bypass her two-factor authentication, which is very dangerous.

Group-IB says the banking Trojan is being distributed via a “decoy application” listed on Google Play. As of October 2022, 215 international banks, 94 cryptocurrencies and 110 crypto exchange platforms across the US, Turkey, Spain, Canada, Germany, France and the UK have been hit by The Godfather.

Interestingly, the Godfather appears to refrain from infecting mobile phones, citing languages ​​spoken in post-Soviet countries as a priority. These countries include Russia, Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Uzbekistan and Tajikistan. This leads Group IB to believe that the Trojan developer speaks Russian. This Trojan is also known to record the victim’s screen and send fake text his messages from the infected device.

One of the malicious apps hosted on the Google Play Store associated with the Godfather banking Trojan is Currency Converter Plus. A sample of the Godfather Trojan shows that when the malware opens, it displays a fake Google Protect and an animation that makes the victim believe that the app is being scanned when in fact nothing is happening. It turns out. Worse, the app icon is hidden and no longer appears in the list of installed apps on the phone.

Here are the steps to protect your Android smartphone from banking Trojans:

So the user opened the banking app, used the login, and gave the bad guy the key to his safe, believing that the app had been scanned and found no malware. However, you can take certain steps to help combat banking Trojans like The Godfather.

Always make sure your phone is running the latest version of Android, according to Group-IB. The newer the version of Android running on your phone, the less likely you are to get infected with a banking Trojan.

Group-IB also suggests not sideloading and installing apps from third-party Android app storefronts. Google We cannot guarantee that all apps are safe. Cybersecurity companies also suggest checking the permissions that each app is requesting. ) (especially for apps the developer is unfamiliar with), do not install. Also, don’t click on links sent by text message.

What can you do if your smartphone is already infected? Group-IB instructs you to follow these three steps:

  • Disable network access.
  • Freeze bank accounts that may have been accessed from your device.
  • Contact our experts to get more information about the risks malware can pose to your device.

You may also like

Leave a Comment