New Android malware sidesteps Google’s SMS permissions restrictions to get hold of two-factor authentication codes received via SMS.
The cybersecurity company behind major antivirus software NOD32, ESET, reported on June 17 that new Android malware sidesteps Google’s SMS permissions restrictions to get hold of two-factor authentication (2FA) codes received via SMS.
Per the report, some malicious apps are capable of accessing one-time-passwords sent to users via SMS by circumventing the restrictions recently implemented by Google. Furthermore, the same technique reportedly also allows for accessing email-based codes.
According to the author, the apps in question impersonate Turkish cryptocurrency exchange BtcTurk and phish for login details to the service. The malware, “instead of intercepting SMS messages to bypass 2FA protection on users’ accounts and transactions, these malicious apps take the OTP from notifications appearing on the compromised device’s display.” The app also takes measures to prevent the user from noticing the ongoing attack:
“Besides reading the 2FA notifications, the apps can also dismiss them to prevent victims from noticing fraudulent transactions happening.”
The first app to act as such was uploaded onto Google’s Play Store on June 7 under the name BTCTurk Pro Beta by developer account BTCTurk Pro Beta and has been installed by over 50 users before ESET allegedly reported it to Google. After this first instance, another two versions of the app were uploaded and then subsequently removed from the store.
As Cointelegraph reported earlier this month, peer-to-peer (P2P) cryptocurrency exchange BitMEX has reported an influx of attacks on user account credentials. In a message to clients, the exchange stressed the importance of property security measures
Also in June, cyber security researchers found a Trojan-spreading website masquerading as that of Cryptohopper, a site where users can program tools for automated cryptocurrency trading.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.