The Godfather Android banking Trojan has some deals that you should decline. Trojans are malicious apps that pretend to be legitimate. Until it receives instructions from a Command & Control (C&C) server, it may actually perform the tasks that led to the installation in the first place. Banking Trojans track the information and data you use to sign in to banking apps, grab that information and break into your bank accounts, causing a lot of headaches.
The Godfather banking Trojan targets over 400 banking and cryptocurrency apps in 16 countries
Fake Turkish Banking App Waiting to Collect Victims’ Login Information
When an Android user interacts with a fake notification or tries to open a legitimate app targeted by a Trojan horse, a fake overlay appears on the screen, revealing the username and password entered by the victim on their mobile phone. Collected. Victims are tricked by the overlay into thinking they need this information to open an infected banking or financial services app. Godfather can also bypass her two-factor authentication, which is very dangerous.
Interestingly, the Godfather appears to refrain from infecting mobile phones, citing languages spoken in post-Soviet countries as a priority. These countries include Russia, Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Uzbekistan and Tajikistan. This leads Group IB to believe that the Trojan developer speaks Russian. This Trojan is also known to record the victim’s screen and send fake text his messages from the infected device.
Here are the steps to protect your Android smartphone from banking Trojans:
So the user opened the banking app, used the login, and gave the bad guy the key to his safe, believing that the app had been scanned and found no malware. However, you can take certain steps to help combat banking Trojans like The Godfather.
Malicious apps on the Google Play store
Always make sure your phone is running the latest version of Android, according to Group-IB. The newer the version of Android running on your phone, the less likely you are to get infected with a banking Trojan.
What can you do if your smartphone is already infected? Group-IB instructs you to follow these three steps:
- Disable network access.
- Freeze bank accounts that may have been accessed from your device.
- Contact our experts to get more information about the risks malware can pose to your device.