Android malware impairs Google Authenticator's verification access

Passwords and codes are being stolen by “CERBERUS” malware

A trojan virus known as “CERBERUS”, is a malware that is recently worrying Google, because it has the capability to steal generated codes in the “Google Authenticator” app, completely cancelling the Two-Factor Authentication (2FA) code.

Let’s remember that Google Authenticator, it’s a system that generates temporal 2FA codes when we log in on one of our e-mail accounts. This system has the peculiarity of dificulting any unwanted login, granting the user a double verification login.

This trojan was discovered in august 2019 and it has been infecting other devices to steal these codes and gain access to user accounts.

Another peculiar fact, is that CERBERUS has the capacity to remotely access the phone when it’s already infected. The report indicates that cybercriminals can access the infected device and manipulate information that the user is handling, either passwords or any other files.

How does the trojan manage to persuade Google Authenticator?

According to the report, the malware manages to get access granted through accessibility permissions, using different tools that allows it to read the device’s screen and user apps, with the purpose of gaining access to necessary information that Google Authenticator shows.

At the moment, Google is working on a safer update that allows to counterattack.

If you are looking a cybersecurity company that brings you reliability and transparency to protect your personal files, contact us for free through the next link:

Click image: