New Android Malware Can Get Past Two-Factor Authentication

March 11, 2020

Written by wukovits

Since 2010, Google has been doing its part to help keep its massive user base safe. They introduced a small but critical service called Google Authenticator, which is used by a number of online accounts as a two-factor authentication layer.

Google launched the service as an alternative to SMS-based one-time pass codes.

While SMS-based codes are better than nothing, they are the lowest common denominator in the world of 2FA, and are problematic for a number of different reasons. The main advantage Authenticator has over its SMS counterpart is that Authenticator’s randomly generated codes are contained within the user’s device itself, and never travel through insecure mobile networks.

Although Authenticator generated codes are widely regarded as being superior to SMS-based codes in terms of overall security, they’re certainly not invulnerable, as hackers have recently proved. Researchers from ThreatFabric recently announced that they’ve spotted a new strain of the Cerberus Trojan in the wild that is capable of stealing 2FA codes generated via the Authenticator application.

If there’s a silver lining in the research team’s findings, it is the fact that the strains they’ve uncovered seem to be test versions of the Trojan That means the new capabilities aren’t yet widely available. Unfortunately, it’s just a matter of time before the new strain is out of testing and starts seeing widespread use.

All that to say, that this is a serious threat. Be sure your employees are aware of the risks and dangers. Too often, people get comfortable after enabling 2FA and develop a false sense of security thinking that they’re essentially invulnerable.

They aren’t. No one is. While this is the first piece of malware we’ve seen that can counter 2FA, it certainly won’t be the last. Stay vigilant. It’s going to be a tough year on the security front.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon