New virus for cryptocurrency apps steals data on cryptocurrency owners

Germany’s Federal Financial Supervisory Authority (BaFin) has issued an official warning about a new malware called the Godfather. The program collects user data in banking and cryptocurrency applications. BaFin law enforcement officials said that the virus targets more than 400 applications operating not only in Germany but also around the world.

The Godfather’s operating principle can be called classic: the software imitates banking or cryptocurrency program websites and steals user data at the moment of login. Moreover, the virus can send push notifications to obtain two-factor authentication codes.

At the moment, BaFin experts are trying to figure out how the malicious program gets on users' devices. Experts detected the Trojan back in 2021, but the malware was ineffective then.

For the first time, an advanced and fully finished build of the Godfather was detected in December 2022 on Android devices. At that time, the program targeted users from 16 countries. Currently, the Trojan mainly targets banking applications from the United States, 110 cryptocurrency exchange platforms, and 94 crypto wallets.

Cryptocurrency experts emphasize that theft of digital assets will only increase in 2023. Panda Security, a Spanish cybersecurity and software firm, predicts a «surge in fraud and attempts at mass theft of virtual assets» due to the growing loyalty to cryptocurrencies. The firm said that North Korea is the most interested in hacking, so we should expect new exploits from the most notorious criminal cyber group Lazarus Group.