An early version of Godfather utilized screen overlay attacks, which placed fraudulent HTML login screens on top of legitimate banking and crypto exchange apps, tricking users into entering credentials for their financial accounts. It was first detected on Android in 2021 and was estimated to target several hundred apps across more than a dozen countries.
If you open one of those targeted apps, Godfather redirects you to the virtual version. You'll see the real banking interface, but everything that happens within it can be intercepted and manipulated in real time. As Bleeping Computer notes, this includes harvesting account credentials, passwords, PINs, and capture responses from the bank's back end. Further, the malware can control your device remotely, including initiating transfers and payments inside the banking or crypto app, even when you're not using it.
How to protect your device from Godfather
According to Zimperium, while the current campaign affects nearly 500 apps, it has primarily focused on banks in Turkey. That said, it could easily spread to other countries, as the previous version did.
Apps > Special app access > Install unknown apps. You should ensure Google Play Protect, which scans apps for malware, is enabled, and that your device and apps are kept up to date. Now would also be a good time to audit the apps you have on your device and delete any you don't use or don't need.
Since Godfather's attack mechanism is so sophisticated, you should also follow other basic best practices for avoiding malware in the first place. Never open attachments or click links in emails, texts, or social media posts, and avoid clicking ads, which are used to spread malware.
Read More Details
Finally We wish PressBee provided you with enough information of ( 'Godfather' Malware Is Now Hijacking Banking Apps on Android )
Also on site :