Connect with us
Active Currencies 14445
Market Cap $2,698,012,337,796.50
Bitcoin Share 50.48%
24h Market Cap Change $0.97

All you need to know about the ‘Godfather’ malware targeting this country’s financial system

2min Read
All you need to know about the 'Godfather' malware targeting this country's crypto system

Share this article

  • The ‘Godfather’ software makes a duplicate of a banking or cryptocurrency platform login screen in order to steal money.
  • The spyware reportedly targeted 400 banking and cryptocurrency apps.

A new financial malware, named “Godfather,” which affects banking and cryptocurrency applications, is spreading quickly in Germany, and financial officials are raising the alarm.

On 9 January, Germany’s Federal Financial Supervisory Authority (BaFin) issued a formal statement alerting customers to the malware that harvests user data from banking and cryptocurrency apps.

BaFin stressed that until press time, the virus had targeted roughly 400 banking and cryptocurrency apps. By showing bogus websites for common banking and cryptocurrency apps, the Godfather malware targets victims and steals their login information.

The agency claimed that the malware’s attack vector has not yet been identified. Push notifications are a known method used by malware to obtain two-factor authentication codes. According to BaFin:

“Cybercriminals may be able to access consumers’ accounts and wallets with this data.”

What is Godfather malware?

The initial reports about Godfather appeared in December. Allegedly, the malware was affecting Android smartphones and aiming its attacks on people in 16 different nations. Group-IB cybersecurity researchers first reported on its existence in 2021, but over the last few months, activity growth and code changes modified the virus.

The Godfather targeted nearly 50% of all. Most of the compromised devices were from the United States, said the Group-IB cybersecurity experts.

Germany, along with Turkey, Spain, and Canada, was the most impacted after the U.S. Additionally, 94 cryptocurrency wallet apps and 110 cryptocurrency trading platforms were the known targets of ransomware.

According to Chainalysis, a blockchain analysis company with headquarters in the United States, cryptocurrency theft increased by 516% from 2020 to $3.2 billion in 2021. It is unknown how the malware infects online devices, but once it does, it shows bogus websites for well-known banking and cryptocurrency programs, according to BaFin.

Cryptojacking on the rise

One of the most common attacks on crypto applications in recent years has been cryptojacking. Cybersecurity research firm Kaspersky predicted that malware attacks will increase in 2023, with the year likely to become synonymous with “cyber epidemics with the most impact.”

The research titled “2022 SonicWall Cyber Threat Report” from cybersecurity company SonicWall claims that cryptojacking attacks have increased in the banking sector by 269% year-to-date. This figure is nearly five times higher than cyberattacks directed at the retail sector.

According to the study from SonicWall, the total number of crypto-jacking incidents increased by 30% to 66.7 million in the first half of 2022.


Saman Waris works as a News Editor at AMBCrypto. She has always been fascinated by how the tides of finance and technology shape communities across demographics. Cryptocurrencies are of particular interest to Saman, with much of her writing centered around understanding how ideas like Momentum and Greater Fool theories apply to altcoins, specifically, memecoins. A graduate in history, Saman worked the sports beat before diving into crypto. Prior to joining AMBCrypto 2 years ago, Saman was a News Editor at Sportskeeda. This was preceded by her stint as Editor-in-Chief at EssentiallySports.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.