Thought Your Money Was Safe in Banks Due to OTPs? This Android Malware Can Bypass it


For most of our banking transactions done online, what really helps us sleep peacefully at night is in knowing that even if someone manages to steal our credit or debit card details, they would not be able to steal our hard-earned money unless they get access to the one-time passwords (OTPs), which only we are privy to for respective accounts. Also known as two-factor authentication (2FA), OTPs have often been regarded as a safer way to conduct transactions online in order to prevent unauthorised access of your money.

However, OTPs have, over time, been known to not be failsafe, and Alien, a newly conceived trojan tool, is one prime example of how your banking app may be compromised. The Alien remote access threat tool is believed to have evolved from the Cerberus group of banking malware that was designed for financial theft and related phishing activities. Disclosed by security researchers at ThreatFabric, Alien is a complete trojan tool that can be deployed by cyber attackers remotely. Some of its features include screen overlay attacks (where the trojan takes control of your phone’s screen, and in turn, all functions), SMS reading and manipulation, contact list access and harvesting, keylogging (an essential way of stealing passwords), location tracking and more.






Along with all of these features, ThreatFabric states that Alien can also read and identify notifications. As a result, it can read and recognise OTPs that you receive against any attempt to transact from your bank account, therefore completely bypassing the 2FA security that you had set up for your account. To do this, the malware seemingly deploys TeamViewer on infected or affected devices, which in turn give the attacker full control over your phone. In effect, this can completely compromise your bank accounts and credit cards, which makes it even more important for you to be vigilant about what you access or download on your phone.

According to ThreatFabric, some of the ways in which Alien might be spreading include spear-phishing (which uses apparently official email addresses to dupe users), or third party applications disguised for various purposes. Some of the apps that the malware tool is programmed to target include shockingly popular apps such as Snapchat, Telegram and Microsoft Outlook, as well as banking apps such as Capital One and Bank of America. As of now, it is not known whether the threat actors behind the Alien malware is targeting India, but ThreatFabric’s report pegs Europe, USA and Australia as the main victims.




Source link