Users who have installed the malicious application called "2FA Authenticator", They should delete it immediately from their device, as it is loaded with Vultur stealer malware.
Αremained available for more than two weeks, a malicious two-factor authentication application (2FA) was removed from Google Play - but not before it goes down more than 10.000 times. The application, which is fully functional as 2FA Authenticator (two-factor authentication), but comes loaded with Vultur stealer malware that aims to steal financial data.
Users with the malicious application, which is directly called "2FA Authenticator", Are advised by its researchers Pradeo delete it immediately from their device, as they are still at risk - both from the theft of login details in bank accounts, and from other attacks made possible by the extended authorizations received by the application, bypassing the control of licenses by the system of Android.
The creators of this dangerous application have disguised it as a seemingly innocent and useful application, using part of the code from Aegis Authenticator, but adding various malicious modules, and managing to spread through it Google Play without being able to be easily identified, according to a Pradeo report published last Thursday.
As a result, this dangerous application has successfully disguised itself as an innocent authentication tool, maintaining a low risk profile, and deceiving users who thought they had installed an application that would protect them from breaches of login data they retain in banks. the accounts.
Once downloaded, the application installs Vultur banking trojan, which steals financial and banking data on the compromised device - but can do much more.
The malicious software Vultur remote access trojan (RAT) was first identified by its analysts ThreatFabric last March, and was the first of its kind to be used keylogging and screen capture as the main tactic for theft of banking data, allowing the Hackers team to automate and improve the credential collection process.
Once the device is completely compromised, the application installs it Vultur, an advanced and relatively new type of malware that targets mainly online banking applications, and can easily and without the user realize, steal their bank account credentials and other critical financial information, the report states.
Her team Pradeo stated that while the researchers submitted their revelation about the danger of this application in Google Play, however the malicious application 2FA Authenticator which was loaded with the banking trojan remained available on Google Play Store for more than 15 days, causing victims to fall over 100 thousand users who managed to download it from the Google App Store.
CAUTION :
If you are one of those who have downloaded this dangerous application, immediately after deleting it from your device which should be done immediately, you should also change all the codes that you have stated in your bank accounts, in order to do not find yourself in front of unpleasant surprises.
Do not forget to follow it Xiaomi-miui.gr on Google News to be informed immediately about all our new articles! You can also if you use RSS reader, add our page to your list by simply following this link >> https://news.xiaomi-miui.gr/feed/gn
