Detecting Android malware can easily steal OTP code without the victim knowing
Android malware can extract and steal one-time passcode (OTP) generated through Google Authenticator application.
International security experts have recently discovered an Android malware variant that can extract and steal one-time-use passwords (OTP) created through the Google Authenticator application.
This malware is called Cerberus - a relatively new banking trojan, first discovered in 2019, specializing in 'parasites' on Android, and especially possesses a special talent that makes it dangerous: Possibility of stealing OTP Authenticator.
Compared to last year's version, the current variant of Cerberus possesses some significantly more advanced capabilities. After successfully infiltrating the victim system, it can abuse access privileges to steal 2FA code, collect data from the Authenticator application and send it to the server controlled by the attacker.
If you don't already know, Authenticator is a 2-step verification code (2FA) device on your phone, launched in 2010 as an alternative to traditional one-time verification codes based on traditional SMS. Authenticator provides a better layer of security for users' Google accounts by requiring a second verification step when signing in. In addition to the password, you will need the code generated by the Google Authenticator app on your phone. After the account setup and linking steps, Authenticator will generate 6-8-digit OTP codes and provide them to users when they log into their respective accounts.
So how can this new Cerberus variant steal information from the Authenticator. Experts have found a range of features typical of the advanced remote access trojan (RAT) exist on this malicious code.
- It can connect remotely and automatically to an infected device.
- It can collect and use victims' information and data to access their online accounts - a major threat to online banking services, email, archives, transmission accounts. social media, intranet, etc.
However, the 2FA code theft feature is not yet available in the Cerberus version currently being advertised and sold on hacked forums. Security researchers therefore believe that this new Cerberus variant is still in beta, but it is likely to be released soon.
Google has not provided any feedback on the information, but the security patches for Android in general and the Authenticator application in the near future must contain a 'definite' solution to malicious code. this.
You should read it
- Malware WSL appeared with the ability to steal browser authentication cookies
- Appears new malware specializing in stealing Steam, Epic Games and EA Origin accounts
- What is FormBook Malware? How to remove?
- 5 types of malware on Android
- How many types of malware do you know and how to prevent them?
- 10 typical malware types
- What is Malware Joker? How to fight Malware Joker?
- Malware spreads through crack software specializing in stealing Facebook, Instagram, and Twitter accounts
- What is Safe Malware? Why is it so dangerous?
- Can a VPN Fight Malware?
- What is Goldoson Malware? How can you protect yourself?
- Modular Malware - New stealth attack method to steal data
Maybe you are interested
How to see your friends' recent online visits on Snapchat Computer Display Going To Sleep, Effective Error Fixing Tips How to send location directly in messages on iPhone How do I show file paths on Mac? Top 8 solutions to fix Windows 10 freezing your computer What will a top hacker do with a hotel computer?