Hackers use Twitter Card vulnerability and attack users
infosec

Hackers use Twitter Card vulnerability and attack users

Twitter was found with a new vulnerability, which could allow hackers to attack its users ...
Read More
infosec

Firefox 70 brings Lockwise password manager. Get ready for a lot of hacks!

Mozilla brings Lockwise password manager to Firefox 70, which is expected to be released on October 22. Firefox ...
Read More
inet infosec

Google buys random human data for just $ 5

Google is one of the world's largest technology companies and is constantly working on new, innovative projects. It employs a ...
Read More
infosec

How dangerous and frequent is an attack on RDP-enabled computers?

How long does it take for an attack on RDP-enabled computers? In some cases, a few minutes. In most, less than 24 hours. The...
Read More
infosec

Watchbog: Attacks on servers to "keep the internet safe"

Hackers are exploiting vulnerable Jira and Exim servers to infect them with a new variant of Watchbog Linux ...
Read More
Latest Posts

Google: Hackers bypass 2FA Authentication security!

When Google restricted the use of login rights SMS and Call Log applications Android in March of 2019, one of the positive results was that apps that shed credentials lost the option to abuse these rights to bypass two-factor authentication (2FA).

Unfortunately, however, malicious apps that have access to one hour passwords have recently been found (OTP) to SMS 2FA without using SMS rights, bypassing Google's recent restrictions. As a bonus, this technique also works to acquire OTPs from some systems 2FA.

Google

Applications imitate the Turkish cryptocurrency exchange BtcTurk and attack through phishing to steal login credentials into the service. Malicious applications receive OTP from the alerts displayed on the victim's screen. In addition to reading 2FA notifications, apps can also hide them to prevent the attackers from capturing the attack.

Malicious software, all of whose forms are detected by products ESET is the first to bypass the new SMS permission restrictions.

The first of them malicious applications which was detected, was uploaded to Google Play on 7 June 2019 as "BTCTurk Pro Beta" under the developer name "BTCTurk Pro Beta". It was installed by more than 50 users before reported by ESET to Google security teams. BtcTurk is a Turkish one cryptocurrency exchange. The official mobile app is linked to the exchange site and is only available to users in Turkey.

The second application was downloaded on June 11 2019 as "BtcTurk Pro Beta" under the developer name "BtSoft". Although the two applications use a very similar format, it seems to be the work of various attackers. The application was reported to 12 June 2019 when it was installed by fewer than 50 users.

After removing this second app, the same intruders uploaded another application with the same functionality, this time under the name "BTCTURK PRO" and using the same developer name, icon and screenshots. The application was reported on June 13 2019.

For more technical details, click here.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *