1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Android malware steals one-time passcodes

Discussion in 'Network World' started by RSS, Jan 13, 2016.

  1. RSS

    RSS New Member Member

    One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec.

    The malware, called Android.Bankosy, has been updated to intercept the codes, which are part of so-called two-factor authentication systems.

    Many online banking applications require a login and password plus a time-sensitive code in order to gain access. The one-time passcode is sent over SMS but also can be delivered via an automated phone call.

    Some banks have moved to call-based delivery of passcodes. In theory, that provides better security since SMS messages can be intercepted by some malware, wrote Dinesh Venkatesan of Symantec in a blog post on Tuesday.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page