New research indicates the Google Authenticator app on Android devices is vulnerable to a banking malware known as Cerberus.
Google Authenticator provides two-factor authentication as a preferable alternative to SMS-based passcodes. The other days ThreatFabric claims Cerberus can steal one-time passcodes generated by the app.
Cerberus targets the access privileges on Android devices. Being a sophisticated remote access trojan (RATs), it enables hackers to control a user's smartphone to access and steal information that facilitates financial fraud. Once Cerberus gets control over an Android OS mobile device, infiltrators can leverage their credentials to take over the owner's bank account.
Moreover, Cerberus can replace device settings, access to any installed apps, delete or install them.
Members of the Android community stay alarmed at its potential for misuse while Google has yet to respond with any potential patches or solutions for this vulnerability.
Comentários