News

Google’s Authenticator App hit a major vulnerability

According to recent research, the authenticator app by Google for Android is susceptible to major malware known as Cerberus. As per the cybersecurity specialist ThreatFabric, the malware is a banking related Trojan that can access one-time passcodes generated by the app and enable the hackers to get access to the banking details of the users,

The Google Authenticator app is known to offer two-step authentication to online accounts. It is perceived as a better and secured alternative than receiving passcodes via SMS by using cellular network access

Once it is successfully installed, Cerberus has the potential of logging the keystrokes and accessing all the SMS text messages in your Smartphone. Besides that, it can trick you on giving your password to one of the mobile banking apps by making a fake login window on the phone.

As per ThreatFabric: “When the app is running, The Trojan can get the content of the interface and can send it to the C2 (command-and-control) server. Once again we can deduce that this functionality will be used to bypass authentication services that rely on (one-time) codes.”

The bright side is that the vulnerability has limitations as the infected phone’s users have an authority to grant access to this malware towards Google Authentication App’s interface. The Trojan will act as a ‘Flash Player’ and ask the users to grant it the Android Accessibility Services privileges, the feature designed specifically for the users with a disability

The General Manager of ThreatFabric Gaetan Van Diemen said: “As long as the victim hasn’t granted it, the Trojan will ask for it.” He further added: “Once granted, the bot will be able to read/visualize all information on the infected device’s screen but also click and interact with the content.”

The creators of Cerberus are renting out the access to the Trojan to a Russian Hacking forum. For three months of access, the rental price is about $4,000. According to the creators, the spread of this Trojan is entirely on the users and to avoid it one must stick to the authentic play store for downloading the apps as it filters out malicious products. It is believed that malicious links can be circulated from the infected mobile via SMS and emails

Van Diemen showed his utmost concern saying Google has yet to state its comment on the report submitted by the ThreatFabric. Indeed it is not just the 2FA Authenticator App by the company that is only affected by accessing the Accessibility service, the malware can dig out the information from any app on the smartphone.

Sponsored
Naima Rabbie

Leave a Comment
Share
Published by
Naima Rabbie

Recent Posts

SBP Chief Reports October Remittances Exceed $3 Billion

KARACHI: The State Bank of Pakistan (SBP) is anticipating $500 million from the Asian Development…

7 mins ago

Sindh Assembly Reveals 28,500 Govt Employees’ Spouses as Illegal BISP Beneficiaries

The Sindh Assembly was informed that over 28,500 employees of the provincial government were unlawfully…

1 hour ago

SBP Eases Policy Rate by 2.5% as Inflation Shows Steady Decline

The Monetary Policy Committee (MPC) of the State Bank of Pakistan decided to cut the…

1 hour ago

SECP to Host Pakistan Startup Summit in Karachi Next Week

The Securities and Exchange Commission of Pakistan (SECP) is organizing the Pakistan Startup Summit, which…

1 hour ago

Fake News by Pakistani AI Website Sparks Turmoil in Ireland

On October 31, 2024, Halloween was celebrated worldwide, and the holiday spirit still lingers. Pakistan…

2 hours ago

Pak Suzuki Drops Popular Graphite Grey from Vehicle Lineup in Pakistan

Pakistan Suzuki Motor Company (PSMC) has announced the discontinuation of the widely favored Graphite Grey…

2 hours ago