A new warning has been issued to all "Android" phone users, as millions are believed to be at risk of having their banking details stolen due to a serious flaw.

"Android" phone users have been attacked once again by hackers, which may cause some to stop downloading any other apps on their devices.

Godfather Flaw

This new warning was issued after the "Godfather" flaw resurfaced, which is fully capable of stealing banking credentials including usernames and passwords.

According to the security team at Group-IB, there has been a significant increase in attacks over the past few months, with approximately 400 banks and cryptocurrency applications expected to be affected.

Users in 14 provinces, including the United States and the United Kingdom, were targeted through rebooted malware capable of displaying a highly fake page on official login screens when phone owners attempt to access their online services.

Data Theft

This method enables hackers to extract private data, including passwords, which can later be used to access personal accounts.

The flaw is distributed through fake apps spread across the web, although there have also been attempts to distribute Godfather via the official "Google Play" store, making the attack even more frightening.

Worsening the situation, Internet thieves have successfully created a clever trick to evade detection by Google's protection service, indicating that "Android" users may never know that they have downloaded a money-theft threat onto their phones.

Once the flaw is downloaded, it can run a Google Protect emulator that closely resembles the real security scanner.

If the user presses the "Scan" button, a fake search will be conducted, showing that no threats were found despite the device being infected.

Creation of Godfather

Godfather was first created in June 2021, with researchers at Threat Fabric announcing its discovery nearly a year later.

Since then, it has been modified to help it hack more devices, with the latest version of the malware appearing in September 2022.

This represents a concerning risk that must be taken seriously—especially by people who download apps from unofficial sources.

Group-IB stated in a blog post that "the Android banking Trojan Godfather is currently used by online hackers to attack users of popular financial services worldwide."

Godfather is designed so threat actors can collect login credentials for banking apps and other financial services, and drain accounts.

So far, its victims include more than 400 international targets, including banking apps, cryptocurrency wallets, and cryptocurrency exchanges.

It is now more necessary than ever for all "Android" users to examine apps before downloading them and to download software only from official sources such as the Google Play store.

It is also essential to check previous reviews and confirm that the developers who created the apps have a good reputation.

Another important tip is to always verify the permissions the app requests before downloading.
 

Daily Star