Godfather: A banking Trojan that is impossible to refuse

The Android banking Trojan Godfather is currently being utilized by cybercriminals to attack users of popular financial services across the globe. Godfather is designed to allow threat actors to harvest login credentials for banking applications and other financial services, and drain the accounts. To date, its victims include users of over 400 international targets, including banking applications, cryptocurrency wallets, and crypto exchanges.

Few people realize that hiding under Godfather’s hood is an old banking Trojan called Anubis, whose functionality has become outdated due to Android updates and the efforts of malware detection and prevention providers. In this blog post, Group-IB’s Threat Intelligence team describes in detail who Godfather attacks, how it does it, and what this banking Trojan inherited from its predecessor.

Read more…
Source: Group-IB