An anonymous reader shares a report: Last month, a cybersecurity firm discovered the first-ever Android malware that came with the ability to steal the 2FA (two-factor authentication) codes generated by the Google Authenticator app. The malware, discovered by researchers from ThreatFabric, was named Cerberus, and its 2FA OTP code-stealing feature was still under development and had yet to be detected in a real-world attack. According to researchers, the malware was a hybrid between a banking trojan and a remote access trojan (RAT).
Once an Android user got infected, the hacker would use the malware’s banking trojan features to steal credentials for mobile banking apps. If an account was protected by 2FA, and specifically by the Google Authenticator app, the malware was designed to allow the Cerberus gang to connect to a user’s device manually, via its RAT features. Hackers would then open the Authenticator app, generate one-time passcodes, take a screenshot of the codes, and then access the user’s account. […] Nightwatch researchers said that Google could have fixed this issue as early as October 2014, when this misconfiguration was first brought to its attention by somebody on GitHub.
Read more of this story at Slashdot.