Security News > 2020 > September > Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords
Researchers have uncovered a threat group launching surveillance campaigns that target victims' personal device data, browser credentials and Telegram messaging application files.
One notable tool in the group's arsenal is an Android malware that collects all two-factor authentication security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.
The threat group has relied on a wide array of tools for carrying out their attacks, including four Windows info-stealer variants used for pilfering Telegram and KeePass account information; phishing pages that impersonate Telegram to steal passwords; and the aforementioned Android backdoor that extracts 2FA codes from SMS messages and records the phone's voice surroundings.
These include the TelB and TelAndExt variants, which focus on Telegram; a Python infostealer that is focused on stealing data from Telegram, Chrome, Firefox and Edge; and a HookInjEx variant, an infostealer that targets browsers, device audio, keylogging and clipboard data.
A Telegram bot was sending phishing messages warning recipients that they were making improper use of Telegram's services, and that their account will be blocked if they do not enter the phishing link.
News URL
https://threatpost.com/android-2fa-telegram-gmail/159384/
Related news
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)