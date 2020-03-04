2FA is two-factor authentication and it’s supposed to protect you from malware and other attacks. There’s a new Android malware called Cerberus that’s likely to make it into the wild very soon. This is actually pretty scary since this malware is able to steal those 2FA codes.

As you likely know, two-factor authentication codes are a one-time password that can be generated on Android devices. This process is done using the Google Authenticator app. With Cerberus, you’re no longer protected since this malware can actually steal them.

Android Malware Dubbed Cerberus Steals 2FA Codes

The 2FA codes that are generated through the Google Authenticator app is supposed to be more secure for your online accounts. These codes are thought to actually be more secure than the old SMS codes. That is possible since it’s not traveling down through various networks. Cerberus is a banking trojan that’s been around for a little bit now. It’s the newest strain that is capable of stealing the 2FA codes.

Researchers at ThreatFabric first noticed the variant of Cerberus that can grab the 2FA codes. It also can just circumvent all of the protections that Google Authenticator is supposed to have. This malware is able to do this by abusing the various Accessibility privileges. The most interesting part about this news is that multi-factor authentication hasn’t really been cracked by many malware strains out there. Being able to circumvent the multi-factor authentication puts Cerberus in a very small group of elite malware strains. For most people, this news is terrifying since it means malware is changing and evolving rather quickly.

Cerberus Malware Potent & Targets Banking Information

It’s important to note that Cerberus is a banking trojan, which means it can very easily steal your banking information and login details. Even the most current versions out in the wild are considered elite. The malware strains that have been infecting users actually utilize the same techniques as remote access trojans. Remote access trojans, which are also known as RATs, are some of the most sophisticated and potent types of malware out in the world these days.

With Cerberus, a hacker can connect right to the Android device that’s infected. It will then circumvent or steal the 2FA codes through the app. Once those codes are stolen, the hacker can then access your online banking account and relevant details. It’s expected that the bypass of 2FA will be used most often to go after banking details. It really could be used for any service or app that uses 2FA for security. Any accounts that use Google Authenticator as protection are vulnerable, including email accounts.

Cerberus Malware Hasn’t Yet Been Publicly Released

While all of this information is definitely alarming, the only good news, for now, is that this strain of Cerberus hasn’t been publicly released yet. It hasn’t shown up on the popular hacking forums as of this article, but researchers are speculating that it’s likely going to be released in the future. Cerberus seems to still be undergoing some testing before the final version is released. Once the final version is released on the hacking websites, it’s going to be game on in terms of hackers using this strain of malware.

In the comments below, we want to know whether or not you’re concerned with Cerberus and the threat that this malware poses. Have you ever heard of malware being able to circumvent or steal 2FA before? Do you think that Cerberus is actually going to be released to hacking forums? Are you someone that uses the Google two-factor authentication for your banking app and for other sensitive information?

We will make sure to keep an eye on this and let you know if we hear about Cerberus coming out on the hacking forums. If you have had experiences with a banking trojan on your Android device, we want to hear about it. What did you do to get rid of it and what activities were you doing when it showed up on your device?