image credit: Tony Webster / Flickr

Google Play hosted phishing apps impersonating Turkish cryptocurrency exchange

June 17, 2019

Malicious apps impersonating Turkish cryptocurrency exchange BtcTurk are circumventing Google’s recently adopted security-enhancing measures.

According to researchers, the apps are accessing one-time passwords (OTPs) and SMS-based two-factor authentication (2FA), as well as some email-based 2FA systems.

By impersonating the cryptocurrency exchange, the apps are able to phish for users’ login credentials.

Instead of intercepting SMS messages to bypass 2FA protection on users’ accounts and activity, the malicious apps take the OTP from notifications appearing on the compromised device’s display.

Read More on The Next Web