Today's Hard|Forum Post
Today's Hard|Forum Post

Tuesday January 19, 2016

Android Malware Defeats Two-Factor Authentication

Uh oh, all you Android users out there need to read this.

Once installed on a device, Android.Bankosy creates a back door that opens communication with a command and control server. Once the command and control server has user identification information آ– the first factor in two-factor authorization آ– it can set up unconditional call forwarding. Then it can initiate a financial transaction and the call with the one-time password goes straight to the third party.