Tagged: Security_S12, UseCase_G14
April 20, 2020 at 5:32 pm #41269
#News(Security) [ via IoTGroup ]
Android malware can steal Google Authenticator 2FA codes
Security researchers say that an Android malware strain can now extract and steal one-time passcodes (OTP) generated through Google Authenticator, a mobile app that’s used as a two-factor authentication (2FA) layer for many online accounts.
Google launched the Authenticator mobile app in 2010.
The app works by generating unique codes, six to eight digits long, that users must enter in login forms while trying to access online accounts.
Because Google Authenticator codes are generated on a user’s smartphone and never travel through insecure mobile networks, online accounts that use Authenticator codes as 2FA layers are considered more secure than those protected by SMS-based codes.
Cerberus gets Authenticator OTP-stealing capabilities
In a report published this week, security researchers from Dutch mobile security firm ThreatFabric say they’ve spotted an Authenticator OTP-stealing capability in recent samples of Cerberus, a relatively new Android banking trojan that launched in June 2019.
“Abusing the Accessibility privileges, the Trojan can now also steal 2FA codes from Google Authenticator application,” the ThreatFabric team said.
ThreatFabric said this new feature is not yet live in the Cerberus version advertised and sold on hacking forums.
Feature developed for bypassing 2FA on banking accounts
All in all, the ThreatFabric team points out that current versions of the Cerberus banking trojan are very advanced.
They say Cerberus now includes the same breadth of features usually found in remote access trojans (RATs), a superior class of malware.
These RAT features allow Cerberus operators to remotely connect to an infected device, use the owner’s banking credentials to access an online banking account, and then use the Authenticator OTP-stealing feature to bypass 2FA protections on the account — if present.
AutoTextExtraction by Working BoT using SmartNews 1.0299999999 Build 26 Aug 2019