

The first Android malware able to steal the 2FA (two-factor authentication) codes generated by the Google Authenticator app was discovered by a cyber security company last month.

The malware, discovered by ThreatFabric researchers, was renamed Cerberus. Its 2FA OTP code-stealing feature was still being established and had not yet been detected in a real-world attack.

According to the researchers, the malware is a version of a banking trojan with remote access trojan (RAT) features. When an Android user gets infected, the hacker can use the malware's banking trojan features to steal mobile banking credentials.

The malware was built to allow the Cerberus gang to manually connect to a user's device via the RAT features and reach a 2FA app. Hackers would then open the Authenticator app, generate a one-time code, capture a view of the code, and access the user's account.

In 2017, researchers at Nightwatch raised the same concern when they reported the problem to the security team at Google.

They also found that the Microsoft Authenticator Android app had (and still has) the same misconfiguration, which allows screenshots of the app to be taken.

Lukas Stefanko, a leading mobile malware researcher from ESET, told Hackers Review earlier today when we asked him to review the article. The flag prohibits other programs from taking a screenshot or capturing an image.

