Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Subscribe











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Malware Update

Zimperium zLabs Uncovers Virtualization-Based GodFather Malware Campaign Targeting Banking & Crypto Apps

July 2025 by Zimperium

Zimperium revealed new zLabs research detailing an advanced evolution of the GodFather Android banking Trojan that weaponizes on-device virtualization to hijack nearly 500 legitimate mobile applications. The technique allows attackers to run the real app inside a malicious sandbox, capture every tap and credential in real time, and bypass traditional overlay-based defenses.

Why It Matters
● Perfect deception: Users interact with the genuine app, making visual detection impossible.
● Full account takeover: Attackers harvest usernames, passwords, device PINs—even lock-screen credentials.
Rapid industry spillover: Although the latest wave focuses on a dozen Turkish financial institutions, any sector that relies on mobile apps—finance, retail, healthcare, government—faces identical risk.
● Evasive by design: GodFather layers ZIP-format tampering, accessibility abuse, and Xposed-based hooking to blind static scanners and root-detection checks.

Expert Quote
“Mobile attackers are moving beyond simple overlays; virtualization gives them unrestricted, live access inside trusted apps,” said Fernando Ortega, Senior Security Researcher, Zimperium zLabs. “Enterprises need on-device, behavior-based detection and runtime app protection to stay ahead of this shift toward a mobile-first attack strategy.”


See previous articles

    












Security Vulnerability

Toutes nos news en Francais

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Cyber Security Security Vulnerability Malware Update Diary Guide & Podcast TRAINING Jobs CONTACTS Contact About Mentions légales identifier ADMIN

Global Security Mag Copyright 2011


 