Security researchers are warning about the Godfather, an Android banking Trojan that has targeted the users of more than 400 apps.
Cybercrooks are using Godfather to target users of banking and crypto exchange apps in 16 countries, says Group-IB.
The Trojan tricks victims thanks to its ability to generate convincing web fakes and overlay them on the screens of infected devices when a user tries to open a targeted app.
Criminals can then steal victims’ login credentials and bypass two-factor authentication in order to gain access to accounts and drain their funds.
As of October, 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms - in countries including the US, UK, Canada and Turkey - had been targeted by Godfather.
Group-IB found that code in the Trojan that stops it from attacking users who speak Russian or on of a number of languages used in the former Soviet Union.