If you thought that the two-factor authentication (2FA) method was foolproof against any hacking attacks, think again! ESET, a cybersecurity company and creator of the antivirus software NOD32, reported on 17 June that a new Android phishing virus is apparently on the loose. It overrules Google’s SMS permissions restrictions and peeks into your text message inbox to get hold of 2FA codes.
The report also added that these malicious apps could easily circumvent the permissions settings and restrictions implemented by Google and gain access to not only the one-time-passwords sent via text messages but also email-based codes.
The malicious apps are known to mask themselves as the Turkish cryptocurrency exchange BtcTurk and try to phish for login details for the website. The report states:
“[the malware] …instead of intercepting SMS messages to bypass 2FA protection on users’ accounts and transactions, these malicious apps take the OTP from notifications appearing on the compromised device’s display.”
The app also ensures that the user doesn’t notice the ongoing attack in the background, and “besides reading the 2FA notifications, the apps can also dismiss them to prevent victims from noticing fraudulent transactions happening”.
The virus-laden app was first uploaded onto Google Play Store on 7 June with the name of BTCTurk Pro Beta by an account called BTCTurk Pro Beta. Around 50 users installed the app before ESET reported it to Google leading to instant removal. After this ordeal, two more versions of the fraudulent app were uploaded in quick succession and subsequently removed from the store.
Recently there has been a surge in cyber attacks and fraudulent activities in peer-to-peer (P2P) cryptocurrency exchange in an attempt to phish for user account credentials, highlighting the need for proper security measures.
BitcoinNews is committed to unbiased news and upholding journalistic codes of ethics. For more information please read our Editorial Policy here.
Follow BitcoinNews on Twitter: @bitcoinnewscom
Telegram Alerts from BitcoinNews: https://t.me/bconews
Image Courtesy: pixabay.com
The post Android Phishing Malware Impersonates Turkish Crypto Exchange appeared first on BitcoinNews.com.