Investing

German Regulator Sounds Alarm Bells Over Crypto and Banking Malware

BaFin, Germany’s top financial regulator, warned crypto and TradFi users about a malware called “Godfather,” which is targeting around 400 crypto and banking apps. The malware steals users’ login data by displaying fake websites of legitimate banking and crypto exchange apps.

‘Godfather’ Malware Targeting 400 Crypto and Banking Apps

German financial watchdog BaFin warned consumers about a new malware known as “Godfather” targeting banking and crypto apps, the regulator said in a statement on Monday. The malware has affected roughly 400 apps and platforms, some of which are based in Germany, BaFin added.

According to the regulator, it remains unclear how exactly Godfather attacks consumers’ devices. However, it is known that it sends push notifications to consumers to obtain 2-factor authentication codes. This way, the attackers can “gain access to consumers’ accounts and wallets,” BaFin noted.

The malware also defrauds users by displaying fake websites of popular crypto and banking apps. Users who log into their accounts are directed to fake websites which are sending their login data to hackers. In addition, the malware can also steal other data like device information, SMS, and similar.

According to the cybersecurity portal PCrisk, the Godfather mimics the Google Protect tool and asks for access to the Accessibility Service. If a user provides access to the Accessibility Service, the Godfather can steal the user’s contacts and SMSs and allow it to make calls and record screens.

Further, the malware “shows fake login pages for legitimate banking and crypto exchange applications. Those phishing pages are used to steal credentials (login information like usernames, customer IDs, passwords, etc.),” PCrisk says.

Crypto Becoming Hackers’ Perfect Victim

This malware first emerged in December, when it reportedly attacked Android users across 16 countries. Cybersecurity professionals at Group-IB first warned about Godfather in 2021, though the malware has not been as active until late last year.

The reports of new attacks highlight that crypto remains one of the hackers’ favorite targets, particularly the DeFi sector. A research report by TRM Labs revealed that a record $3.7 billion worth of crypto funds were stolen in 2022 alone.

More recently, a DeFi whale lost $3.4 million in GMX tokens in a phishing attack, PeckShield and CertiK reported. Phishing attacks are similar to the Godfather malware as both try to steal login credentials through counterfeit websites.

This article originally appeared on The Tokenist

100 Million Americans Are Missing This Crucial Retirement Tool

The thought of burdening your family with a financial disaster is most Americans’ nightmare. However, recent studies show that over 100 million Americans still don’t have proper life insurance in the event they pass away.

Life insurance can bring peace of mind – ensuring your loved ones are safeguarded against unforeseen expenses and debts. With premiums often lower than expected and a variety of plans tailored to different life stages and health conditions, securing a policy is more accessible than ever.

A quick, no-obligation quote can provide valuable insight into what’s available and what might best suit your family’s needs. Life insurance is a simple step you can take today to help secure peace of mind for your loved ones tomorrow.

Click here to learn how to get a quote in just a few minutes.

Thank you for reading! Have some feedback for us?
Contact the 24/7 Wall St. editorial team.