Android banking trojan steals Google two-factor authentication codes | TechRadar

Android banking trojan steals Google two-factor authentication codes | TechRadar

(Image credit: Shutterstock)

 

New version of Cerberus is not yet for sale on hacking forums.

Cerberus, a malware strain targeting Android devices, is now able steal one-time passcodes generated through the Google Authenticator app, security researchers have claimed.

Launched in a bid to improve upon SMS-based one-time passcodes, Google’s app is used as a two-factor authentication (2FA) layer for many online accounts.

Generated on the user’s smartphone, Google Authenticator codes are considered more secure than SMS-based alerts as they do not travel through possibly-vulnerable mobile networks.

However, the latest iteration of the Cerberus banking trojan is capable of circumventing the protection afforded by Google Authenticator, security researchers from ThreatFabric have found.

 

Source: Android banking trojan steals Google two-factor authentication codes | TechRadar

Ads by WOW TRK
%d bloggers like this: