{Warning} New Malware is stealing your Google 2FA!!

[TheBeardedBaby]

There's a new version of the "Cerberus" Trojan horse for Andoid phone which is now able to steal your one-time codes from Google Auth. App.
Stay alert.

Security researchers say that an Android malware strain can now extract and steal one-time passcodes (OTP) generated through Google Authenticator, a mobile app that's used as a two-factor authentication (2FA) layer for many online accounts.

Some people already got hacked their exchange accounts: https://twitter.com/scottmelker/status/1371453355688656898
Don't store significant amount of money on Exchanges...

Source here: https://www.zdnet.com/article/android-malware-can-steal-google-authenticator-2fa-codes/

[1715186113]

1715186113

[1715186113]

1715186113

[The Cryptovator]

Really shocked. How peoples would save their funds where even Google 2FA could steal from the device? If using mobile phone verification then it's also could be stolen with the help of operator helps. It's time to think for something else from the end of Google. If continuously happen that then peoples will lose faith from  Google 2FA although that's no a mistake of Google.

Anyway, we should use high reputed exchange where ask for multiple verifications. For example, Binance requires me 3 step verification during withdrawal, Google 2FA, mobile, and email verification.

[bitmover]

There's a new version of the "Cerberus" Trojan horse for Andoid phone which is now able to steal your one-time codes form Google Auth. App.
Stay alert.

Anyway, we should use high reputed exchange where ask for multiple verifications. For example, Binance requires me 3 step verification during withdrawal, Google 2FA, mobile, and email verification.

As times goes new security protocolos shows up , just as new form of attacks.

The most secure method is still the old cold storage... note down the seed in a piece of paper, and keep it safe.

And the second most important thing: safe habits online. Don't download shit, don't watch porn, don't crack software, etc and you will have a much safer computer/internet experience.


For exchanges, even email + 2FA +password falls with this new attack. If the attacker has the 2FA in his phone, he can certainly get his hands on the email which is in the same phone as well.

Personally, there are so security problems in exhcnages that I leave only a few hundred bucks (at the most) in all of them. I think binance is the best basically in every aspect, but even so I wouldn't trust more than a few hundred dollars there.

[skarais]

A scenario that should be practiced based on other people's experience is to use GA on a device that is not connected to the internet. That will provide a good level of security because I know hackers won't be able to do anything as long as the device is not connected to the internet. But I'm sure not many people have done this so far.

Really shocked. How peoples would save their funds where even Google 2FA could steal from the device? If using mobile phone verification then it's also could be stolen with the help of operator helps.

I know that some of us are people who do a lot of CTRL-C and CTRL-V when using code from GA. It reminded me of the @LoyceV thread of how someone loses bitcoin just because of the CTRL-C and CTRL-V for their bitcoin address. It must be user aware (Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses). In addition, you should not store large amount of asset as a substitute to avoid thing that are not desirable.

[vapourminer]

There's a new version of the "Cerberus" Trojan horse for Andoid phone which is now able to steal your one-time codes from Google Auth. App.
Stay alert.

[...]

Source here: https://www.zdnet.com/article/android-malware-can-steal-google-authenticator-2fa-codes/

yubikeys ftw


you can also configure a trezor as a yubikey.

edit: a rooted phone is just asking for trouble. dunno if the affected phones were or not.

[ecnalubma]

Hackers will always find a way to steal someone’s important credentials like passwords and its no surprise that they managed to steal some users 2FA codes since its most popular way to secure websites account. Not an android user anymore for three years but its still alarming and one day they might manage to exploit iOS devices most probably.

[ScamViruS]

Hackers will always find a way to steal someone’s important credentials like passwords and its no surprise that they managed to steal some users 2FA codes since its most popular way to secure websites account. Not an android user anymore for three years but its still alarming and one day they might manage to exploit iOS devices most probably.

Sometimes scammers do not get access to the user's account even after getting other information including the user's password. Then they look for other ways to gather more information, including finding different ways to steal 2FA's information. This information is very sensitive for crypto users, so that their accounts are in danger.

The scammers continue their scam missions, they are not stopping their activities, so the crypto community should expose their activities.