Malware, "Cerberus", on Android Can Steal 2FA-Protected Accounts
engine
12:53 pm on Feb 28, 2020 (gmt 0)
Researchers have reported that a new version of the "Cerberus" malware, under test, is able to steal one-time passcodes produced through Google Authenticator.
"When the [Authenticator] app is running, the Trojan can get the content of the interface and can send it to the [command-and-control] server,"
Omitted in the title is "Google Authenticator", which is an important part of this news article. This is not about general 2FA, but only in relation to the Google app. Also, the article doesn't go into detail about stealing 2FA protected accounts, but about stealing 2FA codes displayed on the user interface of Google Authenticator.
