News has broken that researchers at Slovakia’s ESET have identified a new banking Trojan that bypasses PayPal’s two-factor authentication (2FA) to steal funds – waiting until have fully logged in before enabling its exploit. The multifaceted malware also has a secondary function, downloading HTML-based phishing overlay screens for five – Google Play, WhatsApp, Skype, Viber, and Gmail – an initial list that can be dynamically updated. ESET discovered the malicious in November.

Corin Imai, Senior Security Advisor at DomainTools:

- isbuzz expert 10 260x300 - New Android Trojan Targets PayPal Users

“Phishing campaigns centred around mobile devices are on the rise. This campaign should be of particular concern to PayPal users, particularly those who re-use credentials across multiple accounts; while a cybercriminal accessing your PayPal account is damaging, the lack of credential hygiene displayed by majority of the population ultimately access to multiple accounts. If you believe you have installed the malicious app, it’s imperative you find and delete it from your operating system or wipe your phone, and change all passwords for accounts hosted on your mobile device.”

Source link
Based Blockchain Network


Please enter your comment!
Please enter your name here