A Newly Disclosed Android Malware Which Steal Google Authenticator app codes

The most popular app for securing digital accounts and services is Google Authenticator. Security researchers have nevertheless discovered a new type of Android malware that steals authentication of two-factor or 2FA codes, a way to ensure security for digital accounts.

The researchers at the security company Threatfabric found in January 2020, that first appeared in June 2019, a variety of the Cerberus Banking Trojan.

It's important to note that the Trojan malware can steal 2FFA codes from Google Authenticator app, as defined in the threat mentioned by the security firm ThreatFabric "Abussing accessibility rights." Advanced malware class can access the interface content when the app is running and then send it to the C2[ command and control-ed] server. "we can assume that this function is used to bypass OTP-based authentication services" They Said.

The security company has shown that the Trojan malware feature has not been exposed in underground forums, suggesting that it remains capable of being tested. Nevertheless, according to Threatfabric, malware like RATs also poses a major threat to online banking services and other accounts as well as 2FA delivery services like e-mail, Google account and YouTube and more.

Several technology experts see the SMS-based 2FA as safe for Google Authenticator. However, two-factor authentication can be broken via SMS, with a number of cases of SIM swap fraud enables actors at risk to access such security codes.

The Tech Giant Google did not issue alerts on Trojan malware after the release of the threat survey. Nevertheless, it can be inferred that the technology company may be working on authenticator app updates, since no such infringement has been reported before. I hope Google can shore up Android's malware defenses.

Previous Post Next Post