Google Authenticator: A malicious computer program may be able to steal two-factor authentication codes
According to experts, a dangerous malicious program targeting devices running Android has been in circulation for some time.
It is reportedly able to defeat two-factor authentication by targeting Google's Authenticator app. It is apparently a variant of another Android virus that was previously intended for bank hacking. The malware is called "CERBERUS."
According to the ThreatFabric researchers who reported on it, the malware can be used to bypass the authentication of platforms that users want to access. This poses a real security problem because it undermines a system that has long been considered the safest. For this reason, experts fear that the technique will become widespread.
It should be noted that this malware has been detected since 2019 on several forums. Generally these were platforms dedicated to product rental. Originally, it was capable of serving as a keystroke recorder, allowing its developers to retrieve a lot of data belonging to trapped users, such as SMS messages, contacts, calls made, etc. In other cases, hackers may have been able to control smartphones remotely, or even install apps without the main user's knowledge.
But recently the virus has mutated and now has features beyond those previously known, namely stealing the codes used for multi-factor authentication via Google Authenticator: "The Trojan can now also steal the 2FA codes generated by the Google Authenticator application, abusing accessibility privileges. When the application is launched, the Trojan can get the content of the interface and transmit it to the server [of the hackers, editor's note]. Once again, it can be inferred that this feature will be used to bypass authentication services that depend on OTP codes," explain ThreatFabric specialists.
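Because the code theft described above depends on the Trojan holding accessibility privileges, one practical check is to review which accessibility services are enabled on a device. The following is an added example, not code from ThreatFabric or from the original article: it parses the value printed by `adb shell settings get secure enabled_accessibility_services` and reports services outside an allowlist. The allowlist contents and the sample value are assumptions constructed for illustration.

```python
# Added example: audit enabled Android accessibility services against an allowlist.
# Input is the string printed by:
#   adb shell settings get secure enabled_accessibility_services
# which is a colon-separated list of "package/ServiceClass" component names.

# Assumption: packages this organisation expects to hold accessibility access.
ALLOWED_PACKAGES = {"com.google.android.marvin.talkback"}


def parse_services(raw):
    """Split the setting value into (package, service_class) pairs."""
    raw = raw.strip()
    if raw in ("", "null"):          # setting unset or no service enabled
        return []
    pairs = []
    for entry in raw.split(":"):
        entry = entry.strip()
        if not entry:
            continue
        package, _, cls = entry.partition("/")
        if cls.startswith("."):      # short form ".Svc" is relative to the package
            cls = package + cls
        pairs.append((package, cls))
    return pairs


def unexpected_services(raw, allowed=ALLOWED_PACKAGES):
    """Return enabled services whose package is not on the allowlist."""
    return [(pkg, cls) for pkg, cls in parse_services(raw) if pkg not in allowed]


# Constructed sample value: one expected service and one unknown app.
SAMPLE = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.unknownapp/.HelperService"
)

if __name__ == "__main__":
    for pkg, cls in unexpected_services(SAMPLE):
        print(f"review accessibility grant: {pkg} ({cls})")
```

Any service this reports should be matched to an app the user knowingly installed and deliberately granted accessibility access; anything else is a candidate for removal.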
What is reassuring in all of this is that, for the time being, the use of such a program is not widespread at all. Fortunately. It would seem that this is only a testing phase, because the developers have not undertaken an advertising campaign around their program.
All the more reason to be on one's guard, because it is clear that two-factor authentication has now become a target for hackers. It is the safest method found so far to increase the security of users on the web and, frankly, the method most recommended by experts today. The SMS-based authentication system, by contrast, has always been criticized as vulnerable because of the SIM swapping technique, a phenomenon that made the use of Google Authenticator very popular, and that progress is now being set back by CERBERUS. Caution is now the order of the day. It is enough to make one believe that one cannot be protected anywhere.