FDIC-Insured—Backed by the full faith and credit of the U.S. Government

For our best mobile experience, we suggest the Heartland Bank and Trust mobile banking app

Download on the App Store Get it on Google Play

Apple, the Apple logo, iPhone, Apple Pay, and Touch ID are trademarks of Apple Inc., registered in the U.S. and other countries. Android, the Android Logo, Google Pay, and the Google Play Store logo are trademarks of Google Inc, registered in the U.S. and other countries.

Please Confirm

We are providing a link to this third party website for your convenience. Heartland Bank is not responsible for the overall content of any website or the collection or use of information gathered on a third party website. Heartland Bank's privacy policy does not apply to any other website, and we are not responsible for its security, privacy policies and practices, or any consequences that may result from visiting that website. We advise you to consult the privacy policies contained on third party linked websites. Heartland Bank assumes no responsibility nor does it control, endorse or guarantee any aspect of your use of the linked site.

A New Threat in Disguise: Godfather Malware Targets Banking Apps

September 4, 2025

Let’s face it, cybercriminals are getting more advanced, and their latest tool — the “Godfather malware” — is a serious threat to mobile banking users. This banking trojan poses as genuine apps to trick people into giving away sensitive financial information. Once installed, it can steal the login, intercept security codes and empty accounts in seconds.

More than 400 financial institutions worldwide, including many in the United States, have been affected. Experts say this isn’t just another phishing scam — it’s a full-scale cyberattack.

gettyimages 1345812496 170667a

How the Godfather Works

The Godfather malware hides inside apps through fake updates, unofficial app stores or copies of popular apps. Once downloaded, it runs quietly in the background. It’s an upgraded version of a threat from a few years ago called the Anubis banking trojan.

When users open their mobile banking app, the malware can place a fake login screen over the real one. This screen looks identical, so users enter their credentials without realizing they’re sending them straight to criminals. Godfather can also track keystrokes, intercept text messages and even disable antivirus protection.

Why It’s Hard to Spot

This malware doesn’t slow down your device or show obvious red flags. Everything appears normal until your account is compromised. Warning signs include unrecognized account activity, strange login alerts or unusual permission requests after an app update. By the time these appear, the damage may already be done.

How to Stay Safe

  • Download apps only from official stores such as the Apple App Store or Google Play.
  • Avoid links in texts or emails, even if they look real.
  • Keep your device and apps updated to fix security gaps.
  • Be cautious about new permission requests.
  • Use two-factor authentication and consider installing a trusted security app.

Stay Secure

The Godfather malware shows how smart — and sneaky — cybercriminals have become. A few extra precautions can make the difference between safety and a drained account. If you feel you’ve been the victim of a scam and may have provided personal or important financial information, contact our Customer Care Center immediately at 888-897-2276. Be sure to provide our team with any relevant details.

Resources:

For more fraud prevention tips, visit Heartland Bank’s Security Center.

This article may refer to and link to third party information that has been verified to the best of our abilities. There is no guarantee of accuracy. Heartland Bank does not endorse companies, services, or products referenced in its articles and is not responsible for the content, links, privacy, or security policies of these third parties. Information in the above article may include material from Infosecurity Magazine (https://www.infosecurity-magazine.com/news/godfather-upgraded-hijack-mobile/), TechRader (Dangerous Android malware targets US banking apps – 50,000 people already affected, make sure you’re not next | TechRadar), Bank Info Security (Godfather Malware Turns Real Banking Apps Into Spy Tools) and the Heartland Bank and Trust Company website (https://www.hbtbank.com/security-center).

Back

Topics

Whenever You Need Support, We're Just One Click Away

Call Us
Visit Us