‘Escobar’ Android Malware Attacks Your Google Authenticator Codes

Hotstar in UAE
Hotstar in UAE

Android is facing a new threat in form of an ‘Escobar’ malware, which is attacking Google Authenticator MFA codes. Well, this malware is not entirely new, but it has resurfaced, which is why we’re talking about it.

‘Escobar’ Android malware can take control of your smartphone, if you let it

This malware can take over your smartphone, and even steal multi-factor authentication (MFA) codes which are being generated by Google’s Authenticator app.

Now, ‘Escobar’ is not new, but it wasn’t known by this name before. It is actually a new version of the ‘Aberebot’ Android banking trojan. It is a new and improved version of that trojan, unfortunately.

According to Bleeping Computer, Escobar can “take control of the infected Android devices using VNC, recording audio, and taking photos, while also expanding the set of targeted apps for credential theft”. All that on top of the fact it can grab MFA codes.

In essence, it functions really similarly to other malware programs of that type. It will work as an overlay on your phone. It will throw fake login screens your way, in order to try and get you to reveal your credentials.

It can do a lot of damage

Now, this malware can do a lot of damage. It can target 190 financial institutions, but it does require a lot of permissions too. In other words, if you’re smart enough not to provide it such permissions, this malware won’t be able to do any damage.

Luckily, this malware does have some considerable limits at the moment, according to the source. It costs a couple of thousand dollars for an operator to obtain, that’s one example, and one of the most notable ones.

All in all, this app can do a lot of damage, but if you’re at least a little bit careful, you’ll figure it out in time. Just make sure to check where you type in your login credentials, and also make sure not to allow every single app to access a ton of permissions on your device.

2022-03-14 15:04:52