Calendar
  • No events
AEC v1.0.4

Cyber Security Info
@Cybersecurityinfo

Banking trojan forces users to install malicious Android app to circumvent two-factor authentication

April 18, 2014

Share Button

ESET has analyzed banking trojan Qadars that uses mobile trojan iBanking to circumvent two-factor authentication. Qadars injects JavaScript code into any Facebook page visited by the user. It tries to lure him/her to install an app for Android mobile phone disguised as a security code generator. In fact, it is the malware known as iBanking whose source code has recently leaked. IBanking is used to forward SMS messages to the attacker thus allowing for circumvening the two-factor authentication.

Share Button

Comments