It steals Google Authenticator codes, as well as PINs and pattern keys.
The Dutch company ThreatFabric, specializing in mobile security, spoke about a new malware threatening Android-based mobile devices.
The new version of the banking Trojan Cerberus is able to steal one-time codes generated by the Google Authenticator two-step authentication application. This application is one of the most popular for protecting accounts with two-step authentication.
Google launched Authenticator in 2010 as an alternative to sending SMS codes. Since such codes are generated on the user’s smartphone and are not transmitted over insecure networks, this method of protection is considered more reliable than SMS codes.
In addition to circumventing Google Authenticator, there is no problem for the Trojan to bypass the PIN code or unlock pattern.
The report notes that when Google Authenticator is running, the trojan can receive secret content and send it to its server.
According to experts, such a variation of Cerberus appeared in January 2020 and is not yet widespread and, apparently, is still in the testing phase. Such a trojan poses a serious threat to online banking services.
Recently news
Android smartphones are in danger again. Google has closed critical “holes” in Android, but manufacturers are in no hurry with updates
The shocking truth. Google revealed the real popularity of different versions of Android
Xiaomi, Pixel and OnePlus were affected. Android crash disables smartphones
20 million Android user accounts leaked to the Web
The kidnapper of cookies. Android malware compromises even well-protected social media accounts
Google has canceled its largest event, which were supposed to present Android 11