In Google Play apps discovered to bypass two-factor authentication

Anti-virus company ESET reported the discovery of its experts in the Google Play number of malicious apps that seek to access one-time password to bypass two-factor authentication.

Fake apps were disguised as legitimate cryptocurrency exchange BtcTurk.

After running one of three applications (BTCTurk Pro Beta, Pro Beta BtcTurk and BTCTURK PRO) user has sent the request to access the notification, then appeared a window to enter credentials into the system BtcTurk.

By Entering authentication information, the user got a message about technical problems and cannot continue registration. All entered information and the pop-up notification with authentication code was sent to the remote server of cyber criminals.

While scammers only saw the text box pop-up messages. If it does not contain the password, then the attempt to bypass two-factor authentication failed.

ESET notes that the detection of malicious applications with similar functionality — the first known case since the introduction of access restrictions Android apps for call log and SMS.

Related Posts