A New Virus Breaches PayPal’s 2FA To Steal All Your Money

Must Read

WhatsApp Might Lose 60 Million Indian Users Post Updated Policy Changes, New Survey Reveals!

The Facebook-owned instant messaging platform’s decision to update their privacy and terms of service brought about a...

Uber and Ola In Hot Water: India Authorities Launch Fresh Probe!

The Directorate General of Goods and Services Tax Intelligence (DGGI) sent a summons to Uber and Ola...

Trump Administration Has Landed Its Final Blow On Chinese Companies: Xiaomi Blacklisted!

In its recent move to safeguard national security, the United States’ Trump Administration has decided to go...

If you are one of those active users of PayPal, this could be alarming for you. There’s a new trojan virus on the prowl now. And it plans to take all your money away from you through the Paypal app. Let us sit back and look at this digital nuisance a bit more clearly.

The most important thing about computer viruses, especially trojans, are their disguises. They may be coming across as a utility app which doesn’t execute itself upon execution, an insignificant app asking for a lot of permissions, etc. In this case, the trojan disguises itself as a battery optimising tool. You can check the image of the malware app in the photo below.

It is available for download via third-party app stores. Once it is in fact installed in your device, the app terminates itself before execution and hides its icon. It is then that the malware gets down to business.


Hacking Paypal Accounts

Now that the installation of the malware into the device is completed, it is now time for it to act up. But no malware can act up unless we allow it to. Yes, you heard that right. All the malware gets the kind of dangerous access that they want because of us allowing them to do so through permissions. In this case, the permission would come across to “Enable Statistics”. May sound really harmless but is indeed very dangerous.

Once it has the permission that it needs, it prompts the user to use the official Paypal on the phone, provided that it is installed. Once the user logs in, the trojan virus gets in too. It then sends funds to the owner of the virus through a series of clicks, all within 5 seconds. It is just not possible to take evasive action during that time. What’s more is that the attack happens everytime you open your account through your Paypal app. Hence, there is a huge possibility of multiple attacks.

The 2FA bypass

Since the virus doesn’t actually collect your login credentials but waits for you to log in on your own, it bypasses the two-factor authentication (2FA) as well. According to Securenvoy, the two-factor authentication “adds another layer of security, supplementing the username and password model with a code that only a specific user has access to“. By way of protecting, the two-factor authentication just makes the user go through an extra step before logging in. With regards to viruses like the one discussed above, it is not going to be that helpful.

Are we really safe with 2FA?

For viruses like the ones mentioned above, they will only stop if the Paypal account has insufficient balance or doesn’t have a card connected to it. But this begs the question. For apps handling something as important as our money, is 2FA really safe? There have been various articles which point out the flaws in the technology and methods to override and bypass them.

Hence, the apps, especially the ones tasked with handling our money, need to figure out more secure ways to go about their business. In a world dominated by privacy, security goes a long way in enforcing brand value. Hence, the more secure an app is, the more successful it is going to be.



Please enter your comment!
Please enter your name here

Latest News

Snapchat Spotlight: A New Way for Creators to Earn Money

Short-form video applications have increased overwhelmingly in popularity in recent times. The surge in this format of...

COVID-19 Unemployment Leading To Ageing Indian Workforce, CMIE Reports

The latest data shared by the CMIE aka Centre for Monitoring Indian Economy has highlighted a huge red flag.

The Slip-Ups Keep On Coming: WhatsApp Web Users’ Mobile Data Leaked On Google

As the developments have unfolded over the past week, the clock for WhatsApp seems to be ticking with every passing minute and...

Trump Administration Has Landed Its Final Blow On Chinese Companies: Xiaomi Blacklisted!

In its recent move to safeguard national security, the United States’ Trump Administration has decided to go after China’s second-biggest smartphone marker...

Huawei Is Gunning For Acquiring A Fifth Of Android’s Userbase With Its Own HarmonyOS!

After Google’s ban on Huawei in 2019, the Chinese-origin tech company is all set to roll out HarmonyOS later in 2021 as...

Battle Lines Are Drawn: Qualcomm’s Latest Acquisition to Challenge Apple, Intel

The quest to gain supremacy creates a butterfly effect for sure. With the challengers and the champion pulling out all stops to...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This