A New Virus Breaches PayPal’s 2FA To Steal All Your Money

Must Read

The Growth of OTT: Blip in the Radar Or a Real Threat to Traditional TV?

People are attached to their smartphones way more than they're to any other gadget. In fact, the average person...

Are You A Gaming Geek: ‘Five Commandments’ Before You Buy Video Games Online !

Does your day start with joysticks instead of coffee mugs? Or as a kid your best friends were the...

Top Softwares for Business in 2021 That Every Startup Entrepreneur Must Use

In the conditions of the global pandemic and economic crisis, small and medium-sized businesses face different problems and do...

If you are one of those active users of PayPal, this could be alarming for you. There’s a new trojan virus on the prowl now. And it plans to take all your money away from you through the Paypal app. Let us sit back and look at this digital nuisance a bit more clearly.

The most important thing about computer viruses, especially trojans, are their disguises. They may be coming across as a utility app which doesn’t execute itself upon execution, an insignificant app asking for a lot of permissions, etc. In this case, the trojan disguises itself as a battery optimising tool. You can check the image of the malware app in the photo below.

It is available for download via third-party app stores. Once it is in fact installed in your device, the app terminates itself before execution and hides its icon. It is then that the malware gets down to business.


Hacking Paypal Accounts

Now that the installation of the malware into the device is completed, it is now time for it to act up. But no malware can act up unless we allow it to. Yes, you heard that right. All the malware gets the kind of dangerous access that they want because of us allowing them to do so through permissions. In this case, the permission would come across to “Enable Statistics”. May sound really harmless but is indeed very dangerous.

Once it has the permission that it needs, it prompts the user to use the official Paypal on the phone, provided that it is installed. Once the user logs in, the trojan virus gets in too. It then sends funds to the owner of the virus through a series of clicks, all within 5 seconds. It is just not possible to take evasive action during that time. What’s more is that the attack happens everytime you open your account through your Paypal app. Hence, there is a huge possibility of multiple attacks.

The 2FA bypass

Since the virus doesn’t actually collect your login credentials but waits for you to log in on your own, it bypasses the two-factor authentication (2FA) as well. According to Securenvoy, the two-factor authentication “adds another layer of security, supplementing the username and password model with a code that only a specific user has access to“. By way of protecting, the two-factor authentication just makes the user go through an extra step before logging in. With regards to viruses like the one discussed above, it is not going to be that helpful.

Are we really safe with 2FA?

For viruses like the ones mentioned above, they will only stop if the Paypal account has insufficient balance or doesn’t have a card connected to it. But this begs the question. For apps handling something as important as our money, is 2FA really safe? There have been various articles which point out the flaws in the technology and methods to override and bypass them.

Hence, the apps, especially the ones tasked with handling our money, need to figure out more secure ways to go about their business. In a world dominated by privacy, security goes a long way in enforcing brand value. Hence, the more secure an app is, the more successful it is going to be.



Please enter your comment!
Please enter your name here

Latest News

VPN Is Essential For Your Data Security, But Free VPN Is Not The Way To Go For It

Suppose you've ever connected to a public Wi-Fi network or are concerned about how your internet service provider uses...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This