- Zampyrium Turkey’s Android users spots a new version of God Father
- The new version produces the virtualized version of legitimate banking apps in the sandbox
- It can eliminate login credentials, pin codes, and unlock patterns
Experts have warned that the notorious Godfather malware for Android phones has returned with revenge, and has been targeted by the upgraded construction, which makes it more dangerous than ever.
CyberScureti researchers claim that they have seen a latest version of the notorious malware in the wild, and this is even more dangerous because it facilitates things much better than detection.
Godfather is a banking trigger, who used to steal money from people’s bank accounts. Earlier variations served as an overlay – a hidden layer on legitimate banking apps. Therefore, when the victims bring their apps and start typing in their login credentials, they are picked up by the overlay and sent to the invaders, who will later log into the app and withdraw cash.
You can like
Virtualization attack
The new version, however, digs the Overley view for something even more unpleasant – which produces the virtualized version of the app.
On the compromised devices, the malware will launch a virtual example of the banking app inside the malware sandbox. Thus, malware does not even need to seek excessive permission for wire fraud, and that means that the victims have not trusted the legitimate apps they have installed.
When the affected person is infected, malware analyzes the first installed apps and looks for a banking that fits.
If it gets something, it produces a virtualized version that is launched whenever the affected person tries to bring the legitimate.
In addition to stealing the login credentials, God can remove the codes and unlock the samples, and control the device (for example, for example) over the hours of hours, when the affected sleeping wire transfers.
Zamprim says it has only witnessed Godfather in Turkey’s Android users, but it has warned that malware operators can cover the West at any time, so banking users should be on their guards everywhere.
By InfoseCURITY
