Two-factor authentication (2FA) is one of the best methods for keeping your accounts safe from cybercriminals. It’s an added layer of protection beyond passwords that requires another way to prove who you are when logging into online accounts.
In theory, nobody should be able to access or intercept your 2FA code, but cybercriminals use sophisticated technology to get around this limitation. There’s another way criminals are intercepting 2FA codes. This method uses a fake SMS app to steal data.
Read on for details on this malicious app and a few ways to protect against these threats.
Here’s the backstory
Using 2FA lets you verify your identity when logging into an account. Some platforms, like Facebook, use a unique code generator for 2FA security. But one of the most popular ways to receive 2FA codes is through text message. If someone grabs the code before you, they could use it to log into your account.
A security researcher with Evina discovered a fake text messaging app on the Google Play Store designed to steal 2FA codes. The app, Symoo, claims to be a messaging service and is ranked number one on the Google Play Store in several countries. However, the app does far more than what it says.
Evina explains in a blog post that if you download and launch Symoo, you’ll see a screen claiming the app is loading. What’s really happening is the app is working in the background to launch a program that steals your phone number to intercept SMS messages and send them to an external server.
The criminals behind the app then use the stolen phone numbers to impersonate users and create fake online accounts while collecting the 2FA text messages. The app has been downloaded more than 100,000 times.
What you can do about it
Maxime Ingrao, a malware analyst at Evina, explains that the stolen details are then sold on a marketplace to create fake accounts on popular social networks like Facebook, Twitter, Telegram or Google.
It can be challenging to spot malicious apps, but there are a few ways to stay safe online.
- Never download an application from third-party libraries. Instead, always use the Google Play Store or Apple’s App Store.
- Always check the comments and reviews on an app before you download it. As with Symoo, several reviewers commented that the app was fake. When you see negative reviews like this, run away without downloading the app.
- Go through your app library often and uninstall applications you no longer use. Not only will you free up space, but you could be eliminating bad apps that are working behind the scenes.