Trojan virus manages to attack the network of more than 400 banking applications

Recently, the cybersecurity technology company Gorup-IB identified that 16 countries were affected by a trojan virus attack. Experts have reported that such a virus is capable of stealing all bank credentials and even cryptocurrencies. The virus was first identified in June 2021.

The trojan has been recognized as Godfather, and it usually attacks devices android. The act has been happening around the world, with 400 bank applications being informed about what happened and all of them were affected. Among the victims of the hacker attack are about 215 international banks, 110 cryptocurrency platforms (exchanges) and 94 cryptocurrency wallets.

see more

How to get your CNH for free in 2023?

After hacker attacks, Microsoft releases free tools for…

Countries affected by hacking

The cybersecurity firm identified that the attacks took place in Italy, the United States, Poland, the United Kingdom, France, Canada, Turkey and Spain.

“Interestingly, Godfather saves users in post-Soviet countries. If the potential victim's system preferences include one of the languages ​​in that region, the Trojan will be terminated. This may suggest that the Godfather developers use the Russian language,” the security firm pointed out.

Experts point out that the trojan invades the system through false links, precisely created to attack these apps. The user clicks on the link created by the hacker and the invasion begins. Therefore, it is essential to avoid clicking on unknown links, whether anywhere on the internet.

According to Group-IB, these are the practices of the Godfather

The cybersecurity specialist company noted that the virus used is not something entirely new.

“The Godfather developers took the Anubis source code as a base and modernized it to more modern versions. latest versions of Android, adding relevant features and removing others such as file encryption”, highlighted.

The cybersecurity team identified these hacker practices:

  • Recording the victim's device screen;
  • Starting keyloggers;
  • Establishing WebSocket connections (added in the new September 2022 release of Godfather)
  • Establishing VNC connections;
  • Call forwarding (to bypass two-factor authentication);
  • Exfiltration of push notifications (to bypass two-factor authentication). Earlier versions of the Trojan also exfiltrated SMS messages;
  • Starting proxy servers;
  • Executing USSD requests;
  • Sending SMS messages from infected devices.

Lover of movies and series and everything that involves cinema. An active curious on the networks, always connected to information about the web.

New GPT-4 Features Announced by OpenAI

Since the worldwide launch of ChatGPT, in November 2021, OpenAI's artificial intelligence fell to...

read more

Which sweetener is better: sucralose or stevia?

Arguably, one thing that all health professionals agree on is that the sugar is the greatest heal...

read more

Blood type O diet: know what to consume and what to avoid in everyday life

right foods they can be better or worse for health, depending on the blood type of those who inge...

read more