As recently reported by
Russian anti-virus organization Doctor Web, a new trojan malware is on the
loose propagating through Android based devices that, among other things, is
capable of intercepting the SMS text messages frequently used to facilitate two-factor
authentication. The trojan, which is a form of an already known family of
malware called the ‘Android.Pincer’ family, manages to fool unsuspecting users
into installing it by posing as a security certificate that prompts that it
needs to be installed.
Once the user allows its
installation, it then shows another faux message stating the “Certificate
installed successfully! Your device is protected now.” Meanwhile, the
malicious app begins to collect personal data from the phone to then forward to
remote servers. What’s more is that once the data is sent, the app enters a
‘wait for instructions’ mode during which it can receive commands from
attackers, allowing them to begin sending SMS messages from specified numbers,
terminate and execute applications on the phone, and intercept incoming
messages.
By intercepting incoming
messages, this malware is a first of its kind, capable of reading OTPs
(One-time passwords) intended for two-factor authentication, hence negating the
enhanced security the mechanism provides.
An age where we must be
equally as wary of catching viruses on our phones as we are on our PCs is
rapidly approaching. Please ensure that when you hit that ‘allow’ or
‘install’ button, that you’re perfectly aware of whatever or whomever it is
you’re allowing access to your data!
previous article
Newer Post
No comments
Post a Comment