Android Virus Bypasses 2FA and Steals Your Info

Do you have an Android based phone? Do you love giving out your information to nefarious people?

Of course not. BUT they are always finding out ways of getting around current security measures designed to stop them.

This time around hackers have found a way around the 2 Factor Authentication or 2FA that a lot of programs use on the Android devices.

“The apps impersonate the Turkish cryptocurrency exchange BtcTurk and phish for login credentials to the service. Instead of intercepting SMS messages to bypass 2FA protection on users’ accounts and transactions, these malicious apps take the OTP from notifications appearing on the compromised device’s display. Besides reading the 2FA notifications, the apps can also dismiss them to prevent victims from noticing fraudulent transactions happening.

The malware, all forms of which are detected by ESET products as Android/FakeApp.KP, is the first known to sidestep the new SMS permission restrictions.” ESET

As always be vigilant!

Discussion

Recent News