1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites
CrimeGermany

Germany: Regulator warns of 'Godfather' banking malware

January 9, 2023

BaFin has yet to ascertain how the malware infects devices, the authority does know that the trojan displays fake websites of regular apps that can then acquire login details and transmit them to cyber criminals.

BaFin is an independent federal institution with headquarters in Bonn and Frankfurt and falls under the supervision of the Federal Ministry of Finance
BaFin is an independent federal institution and falls under the supervision of the Federal Ministry of FinanceImage: Daniel Kubirski/picture alliance

German financial authorities on Monday warned consumers that the malware known as "Godfather" has been attacking some 400 banking and cryptocurrency apps worldwide, "including those of providers within Germany."

The Federal Financial Supervisory Authority (BaFin) said in a statement on Monday that it was unclear how the malware infected consumers' devices, but it was currently recording user input on banking and crypto apps.

Though BaFin has yet to ascertain how the software gets onto electrical apparatus, the authority does know that the "Godfather" Trojan tries to trick people into entering their login details on simulations of official banking apps. It can then acquire the login details and transmit them to cyber criminals.

The malware also sends push notifications to obtain two-factor authentication codes. With these data, the individuals or teams of people who use technology to commit malicious activities may be able to access consumers' accounts and wallets, BaFin said.

Citizens offered security advice

In a video from the German Federal Office for Information Security (BSI), consumers have been offered advice on how to safely use apps on mobile devices.

Information on the malware is also available on the BSI website.

Warnings on "Godfather" first emerged in December, with reports suggesting that the malware was affecting Android devices, targeting users across 16 countries.

Cybersecurity experts from Group-IB reportedly first discovered the "Godfather" in 2021, but the Trojan has undergone significant code upgrades since then, resulting in a spike in activity in recent months.

Revolution through the Metaverse?

08:40

This browser does not support the video element.

jsi/msh (Reuters)

Skip next section Explore more

Explore more

Show more stories
Skip next section DW's Top Story

DW's Top Story

Skip next section More stories from DW