New Android Malware Might Steal Google Authentication Codes

Most of the time when you hear about two factor authentication codes, they are probably being discussed within the context of the level of safety that they provide to the average internet user because of the fact that they can make it so that any and all accounts you log into would be secured far more than the case might be if you had been using standard password entries. However, one thing you probably don’t hear is that two factor authentication often causes a lot of problems as well.

If someone can intercept the code that you are receiving in some way there is a very high chance that your account may very well end up being severely compromised, and the fact of the matter is that until and unless you look into the possibility of this happening then you really aren’t doing enough to ensure a high level of safety for yourself while using the platform of your choice. A recent malware that has started to impact certain Android users has the potential to make your two factor authentications very insecure indeed, particularly in the context of the ones that Google will be sending you in order to help secure your account.

The way this works is that most two factor authentication goes through a layer app that is referred to as the Google Authenticator. This was launched as a way to provide some kind of an alternative to users that would be somewhat more secure than SMS based authentication, and essentially the app can create codes that range from six to eight digits long all of which have the potential to enable you to make the most out of the kind of security you are looking for.

The new malware that is impacting the security of this app is a Trojan by the name of Cerberus, and it has become quite a nuisance for a wide variety of people that are attempting to create a safe environment for themselves online. A security firm based in the Netherlands by the name of ThreatFabric has revealed that this Trojan may just be a little more dangerous than was previously anticipated, and a lot of this has to do with the fact that it might be able steal the one time passwords that the Google Authenticator app might just end up generating for you.

Basically whenever you are using the authenticator app, if you have the Trojan on your phone without realizing it then this Trojan might just be able to access the content being presented by the app interface and then send it to a command server where this information can be utilized.

Cerberus is a Trojan that is sold on the dark web so it’s not something random but rather a product created for the internet market. Hence, one relevant fact that should be noted is that the version of Cerberus that can do this is not yet available for people to buy so there is no need to panic just yet, but at the same time it is important to prepare for the possibility that something like this might just impact you.




Read next: AI Based Voice Cloning Is Giving Rise To Another Big Security Scam

No comments:

Post a Comment