For most of our accounts be it Bank accounts or social media accounts, we rely on two-factor authentication and OTP (one time password); thinking it the most trustable and impenetrable security. But we ought to think again as a new android malware, "Alien" with its remote access threat tool can steal 2FA codes and OTP as well as sniff notifications.
Discovered by ThreatFabric, the Trojan Alien has been offered as a Malware-as-a-Service (MaaS) making rounds on underground hacking forums. Though this is not the first malware to access OTPs, Ceberus (malware gang with a similar code) has already been there and done that but Google's security found a way to detect and clean devises of Cerebus. Inspired and evolved from the same code, Alien has yet to be caught by a security server.
With the remote access feature, Alien can not only seize passwords and login credentials but also grant hackers access to the device to use the stolen passwords. Alien can also perform the following tasks:
Overlay on another App
Steal 2FA and OTP
Read Notifications
Collect Geo-location data
Forward Calls
Install other Apps
Steal Contacts
Provide access to the device
Log Keyboard Input
Send Messages
This set of activities makes this malware highly dangerous and the device infected with it completely transparent to the hacker and to think it is offered as MaaS. The malware deploys TeamViewer and through it reads the devise's screen, notifications, harvest OTPs and other data - giving full reign of your device to the hacker to attempt fraud, steal money and data.
How is it Spreading?
According to ThreatFabric, the malware is transmitting via phishing emails and third-party applications. Researchers found that Alien was sporting fake logins for 226 android apps, some of them quite po ..
Support the originator by clicking the read the rest link below.
