Two-factor authentication is a secure way to log into your applications or web pages, which we have discussed on multiple occasions. Millions of Android users use this method in some of their accounts, as it is considered the most secure method. However, a malicious program has now been discovered that can also bypass security on this system.
Security research by Check Point revealed the presence of such malware on Android. A group of Iranian hackers used a series of tools to access victims’ devices, even bypassing the two-factor authentication process.
Among the tools discovered by this group is one that allows bypassing two-factor authentication. In this case, it is malware designed to create a backdoor on Android devices. By inputting the same thing on phones, hackers can access contact lists or messages (sent and received), as well as recordings made using the microphone or open fake web pages.
By having this level of control over the device, they can bypass two-factor authentication. Since this system usually sends a text message to the user when logging into an account and they have to confirm the code sent via text message to access the account. What these hackers did was intercept and redirect these SMS messages at all times.
Additionally, they opened a fake webpage to make the user think it was a real website, allowing them to obtain user credentials without the user realizing what was happening. Although it was a group of Iranian hackers, the malware was discovered in an app in Sweden, aimed at Persian speakers learning driving rules in Sweden, such as obtaining a driver’s license.
The number of affected individuals is unknown, but it seems to be somewhat limited. While two-factor authentication can also pose some risks, it is still recommended for use as it remains the safest and most reliable method currently when logging into your accounts.
