Auth Lab Community

From 10 to 1000: “Godfather” Series Banking Trojan Variants Surge Wildly in the Past Two Years


In a rapidly evolving cyber threat landscape, the notorious “Godfather” banking Trojan has spawned more than 1,000 variants, each targeting over a hundred mobile banking applications across the globe. First discovered in 2022, the Godfather malware is known for its ability to record screen and keyboard input, intercept two-factor authentication (2FA) calls and messages, and initiate unauthorized bank transfers.

According to Zimperium’s “2023 Mobile Banking Heist Report,” by the end of 2023 the Godfather Trojan was targeting 237 banking applications in 57 countries. The stolen financial information is then transferred to at least nine countries and regions, including the United States and Europe.

The scale of impact has prompted the developers behind the Godfather Trojan to almost industrialize the generation of new samples for their clients. However, the Godfather malware is not the only threat in the digital landscape. Zimperium’s Chief Scientist Nico Chiaraviglio has identified a larger, still undisclosed malware family with over 100,000 unique samples in the wild.

“This is insane,” Nico remarked. “We have never seen this magnitude of samples in a single malware before; it is definitely a trend.” He highlighted the concerning gap in security protection between mobile and PC devices, with 85% of mobile devices lacking adequate security measures compared to 25% of PCs.

Mobile threats now iterate so quickly that antivirus programs struggle to correlate one infection with the next. From fewer than 10 samples found in the wild when the Godfather Trojan was first detected in 2022, the number had surged to 1,000 variants by the end of 2023.

Nico proposed that adaptive solutions could leverage these variations to link related malware with different signatures. Additionally, using artificial intelligence (AI) to focus on malware behavior rather than its code could enhance threat detection capabilities. “With models that can do this, regardless of how you change the code or appearance of the application, we can still detect it,” Nico explained. However, he acknowledged that it is a game of cat and mouse, with attackers adjusting their strategies in response.
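As an added illustration (not code from Zimperium or the original article), the sketch below contrasts hash-based matching with grouping by observed behaviour. The samples are constructed, the behaviour labels are hypothetical names for the capabilities listed above, and the Jaccard measure and 0.7 threshold are assumptions chosen for the example.

```python
import hashlib
from itertools import combinations

# Constructed samples (not real malware data): name -> (file bytes, observed behaviours).
# Behaviour labels are hypothetical names for the capabilities the article lists.
SAMPLES = {
    "variant_a": (b"constructed-bytes-1",
                  {"screen_record", "keylog", "sms_intercept", "call_intercept", "bank_transfer"}),
    "variant_b": (b"constructed-bytes-2",   # repacked: new bytes, same behaviour
                  {"screen_record", "keylog", "sms_intercept", "call_intercept", "bank_transfer"}),
    "variant_c": (b"constructed-bytes-3",   # one capability dropped
                  {"screen_record", "keylog", "sms_intercept", "bank_transfer"}),
    "flashlight": (b"constructed-bytes-4", {"camera_flash"}),
    "sms_backup": (b"constructed-bytes-5", {"sms_intercept", "cloud_upload"}),
}

def jaccard(a, b):
    """Overlap of two behaviour sets: |a & b| / |a | b|."""
    return len(a & b) / len(a | b) if a | b else 0.0

def group_by_hash(samples):
    """Signature-style grouping: samples match only if their bytes are identical."""
    groups = {}
    for name, (data, _) in samples.items():
        groups.setdefault(hashlib.sha256(data).hexdigest(), []).append(name)
    return sorted(sorted(g) for g in groups.values())

def group_by_behaviour(samples, threshold=0.7):
    """Link samples whose behaviour sets overlap at or above threshold (union-find)."""
    parent = {name: name for name in samples}
    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x
    for a, b in combinations(samples, 2):
        if jaccard(samples[a][1], samples[b][1]) >= threshold:
            parent[find(a)] = find(b)
    groups = {}
    for name in samples:
        groups.setdefault(find(name), []).append(name)
    return sorted(sorted(g) for g in groups.values())

if __name__ == "__main__":
    print("by hash:     ", group_by_hash(SAMPLES))
    print("by behaviour:", group_by_behaviour(SAMPLES))
```

Hash grouping leaves every sample in its own bucket, while behaviour grouping links the three variants and keeps the benign app that shares a single trait apart.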

While polymorphic malware is not yet prevalent on mobile devices, it is foreseeable that such threats will become more common in the future as attackers exploit AI to mutate their code. Nico’s insights shed light on the evolving landscape of mobile security threats, urging the industry to adopt advanced defense mechanisms to combat the growing menace of sophisticated malware.

Citation:
Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries – Dark Reading