Google has been trying to create the most secure ways for its users to authenticate. If some are firm and well established, others have well-identified problems and are not truly safe.
Google Authenticator had proven its security, but now it seems to have fallen apart. New malware has been identified and is known to be able to steal the security codes from this authentication mechanism.
New malicious malware on Android
To ensure the safety of users, Google and other technology giants have chosen to use 2FA mechanisms. This 2-factor authentication guarantees a random component in authentication, which cannot be guessed or stolen.
This dogma seems to be increasingly far from being true, since SMS already tends to be abandoned, leaving only code generation apps. Even these, as we now know, are vulnerable.
The victim is Google Authenticator
Google Authenticator, one of the most used, now has a ready-to-use attack that allows code theft. Cerberus is a malware that already goes through the most obscure forums and it is known that it can steal the Authenticator codes.
A response from the research giant is still expected
Interestingly, this is malware created a few years ago, dedicated to stealing bank details, and which seems to have evolved into new areas of security. Threatfabric was the one found this new variant and has already warned of its dangerous character.
From what is known, Cerberus can read the screen of Android smartphones and thus steal the codes of Google Authenticator. Then move them to a central point, where they can be used to attack mainly user accounts.
Although it is not yet being exploited, it is important that this malware is already combated and mitigated. Only in this way can users be protected. It is important to remember that it is not only in Google services that these codes are used, there are many more where they are essential.