Android users are once again vulnerable to attacks from hackers, and the latest warning may put some off downloading another app to their devices. The new warning has been issued following the resurgence of the vicious Godfather bug which is fully capable of stealing banking credentials including usernames and passwords.
According to the Group-IB security team, there has been a rapid increase in attacks in recent months with around 400 banks and cryptocurrency apps believed to be affected.
Users in 14 counties, including the US and UK, have been targeted by the rebooted malware which is capable of superimposing a fake page over the official login screens when phone owners try to access their online services.
This tactic allows hackers to obtain private data, including private passwords, which can then be used to gain access to personal accounts.
The bug is being distributed via fake apps found online, although there have also been some attempts to distribute Godfather via Google’s trusted official Play Store, making the attack even more frightening.
To make matters worse, cyberthieves have even been able to create a clever way to avoid being detected by Google’s Protect service, meaning Android users may never know they’ve installed the threat to steal money on their phones.
Once loaded, the bug can launch a Google Protect emulator that looks just like the real security scanner.
If a user then presses the “Scan” button, a fake scan takes place and reveals that no threats have been found despite the device being already infected.
Godfather was actually first created back in June 2021 with researchers at Threat Fabric announcing the discovery nearly a year later. It has since been modified to help it infiltrate more devices with the latest iteration of the malware appearing in September 2022.
It’s a worrying danger that needs to be taken seriously – especially for anyone who likes to sideload apps from unofficial sources.
“The Android banking Trojan godfather is currently being used by cybercriminals to attack users of popular financial services worldwide,” Group-IB confirmed in a blog.
“Godfather is designed to allow threat actors to harvest login credentials for banking applications and other financial services, and drain the accounts. To date, victims include users of over 400 international targets, including banking applications, cryptocurrency wallets, and crypto exchanges.”
It is now more important than ever that all Android users check apps before installing them and only download software from official sources such as the Google Play Store.
It is also a good idea to check previous reviews and make sure that the developers who made the applications are reputable.
Another top tip is to always check the permissions an app will have before installing. If you don’t feel satisfied with the access it is after, DO NOT download it.