[ALERT] ANDROID MALWARE CAN STEAL GOOGLE AUTHENTICATOR 2FA CODES

Submitted by irteam on Thu, 03/12/2020 - 10:06


Background
Last month, a cybersecurity firm discovered that this malware can now steal 2FA codes from the Google Authenticator app using a simple technique: screenshotting the Authenticator app's interface.

The Android banking trojan named "Cerberus" has the capability to steal One-Time Passwords (OTPs) generated by the Google Authenticator app, which is used as 2FA for many online accounts.

Impact
•    Possible loss of sensitive information, especially your bank account credentials.

Recommendations
•    Use and install anti-virus software.
•    Add the "FLAG_SECURE" option to the app's configuration; this flag prevents other apps from taking screenshots of the codes.
•    Make sure to update all software applications.
•    Apply appropriate patches and updates immediately.
•    Maintain good cyber hygiene and safe practices.