Scary Android malware can steal your 2FA codes and swipe patterns
Even 2FA isn't safe with this Android malware
Android users, beware. A security consulting firm has identified a malware upgrade that can remotely access smartphones to steal unlock credentials and 2FA Google Authenticator codes.
The update report comes from Dutch mobile security firm ThreatFabric (via ZDNet) and details the alarming Remote Access Trojan (RAT) capabilities bestowed on the Cerberus banking Trojan that launched last summer. When enabled on a victim's phone, RAT features let Cerberus operators record the user's unlock PIN, swipe pattern and even Google Authenticator's 2FA codes.
Google Authenticator is a useful tool that helps people add an extra layer of security to their important accounts, including those used for online banking. But according to ThreatFabric, Cerberus's new RAT powers would let attackers steal the 2FA code, access a victim's financial account and transfer funds to themselves.
Of course there's a plethora of information hackers could nab with Authenticator codes, but banking is Cerberus's usual target.
Because Google Authenticator codes are created and stored locally on phones, online accounts with 2FA layers from Authenticator are considered better protected than those that use one-time, SMS-based credentials.
But should Cerberus's RAT upgrade reach bad actors, Authenticator would be compromised.
To some relief, ThreatFabric says the RAT feature is not active in the version of Cerberus currently advertised and sold on hacking forums. However, researchers say it "might be released soon," meaning hackers could get their hands on the advanced malware.
Knowing that malware has these new capabilities likely means measures are already being taken by Android and app developers to bulk up software security.
Although there's no action users can take now, they should always install security updates as soon as they become available.

Kate Kozuch is the managing editor of social and video at Tom’s Guide. She writes about smartwatches, TVs, audio devices, and some cooking appliances, too. Kate appears on Fox News to talk tech trends and runs the Tom's Guide TikTok account, which you should be following if you don't already. When she’s not filming tech videos, you can find her taking up a new sport, mastering the NYT Crossword or channeling her inner celebrity chef.
