CREATIVE PROGRAMS AND SYSTEMS

PROFESSIONAL PEOPLE. PROFESSIONAL RESULTS.

info@cpsmi.com

810-224-5252

Malicious Authenticator App Stealing Bank Information

February 9, 2022

An Android app posing to provide two-factor authentication in the Google Play store has turned out to be malicious. With over 10,000 phones affected, the app was available for 15 days.

The malicious app, called 2FA Authenticator, is no longer available on the Google Play Store. The app description read, “A secure authenticator for your online services, while also including some features missing in existing authenticator apps, like proper encryption and backups.”

In reality, the app was stealing financial information by copying an open-source code from a well-known legitimate app (Aegis Authenticator) and then copying malicious code into their own app. The 2FA Authenticator app was able to pass through the Google Play Store’s security checks but turned malicious once installed on an Android user’s phone or tablet.

Most apps ask for user permission once installed on the smartphone or device. The 2FA Authenticator app requested “critical permission,” which allowed it to execute a number of tasks such as:

  • Disabling keyboard lock
  • Disabling password security
  • Downloading third-party apps (and updates)
  • Running in the background after the app is closed
  • Placing an overlay on other apps
  • Having complete access to user data

Once the 2FA Authenticator app is installed, a Remote Access Trojan (RAT) is downloaded and installed. This trojan, called Vultur, records screens and keystrokes to capture details entered into banking apps. In return, criminals can quickly empty bank accounts, cryptocurrency wallets, and more.

If you or someone you know has installed the 2FA Authenticator app, uninstall it immediately. Contact your banking or financial provider quickly to ensure your accounts have not been compromised and change your passwords.

Hackers got your data? We can help get it back. Contact the virus professionals at Creative Programs and Systems today.

Founded in 1994, Creative Programs and Systems provides professional results for all computer needs. We design, create, and code an array of custom software programs and websites; offer top-notch digital marketing services including enhanced Search Engine Optimization (SEO) and paid advertising; repair and provide support for computers of both residential and professional nature; build custom systems and servers, and offer secure data backups. Need assistance or want to learn more? Call us at 810-224-5252 or e-mail info@cpsmi.com.

Written by the digital marketing staff at Creative Programs & Systems: www.cpsmi.com.

Recent Posts

Categories