Security & Fraud

Android Malware Hacks One-Time Codes


Accounts protected by two-factor authentication may face a greater risk of being hijacked by a newly updated Android malware, IT News reported Tuesday (Jan. 12).

The capabilities of the malware, which was originally discovered by Symantec back in 2014 and is called Android.Bankosy, were updated to steal the time-sensitive codes that are typically sent out as an added security measure when attempting to log into mobile applications with two-factor authentication. In most cases, the one-time passcodes are sent via SMS or delivered through an automated phone call.

While many online banking applications have moved to using the call-based passcodes, since SMS messages can be captured by some malware, Android.Bankosy now has the ability to forward the calls directly to hackers.

“Once the malware is installed on the victim’s device, it opens a back door, collects a list of system-specific information and sends it to the command and control (C&C) server to register the device and then get a unique identifier for the infected device,” Dinesh Venkatesan of Symantec explained in a blog post. “If the registration is successful, it uses the received unique identifier to further communicate with the C&C server and receive commands.”

“Once the unconditional call forwarding is set on the victim’s device, the attacker — who has already stolen the victim’s credentials (the first factor in two-factor authentication and authorization) — can then initiate a transaction,” Venkatesan continued.

The malware also has the ability to disable and enable the silent mode on a mobile device, as well as lock a device so that the victim is unaware when an incoming call takes place.

Symantec recommends users adhere to best practices, like keeping software up to date and refraining from downloading apps from unfamiliar websites, in order to help mitigate the threat of malware on their mobile devices.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.