A New Virus Breaches PayPal’s 2FA To Steal All Your Money

Must Read

Darkest Before Dawn: Can India Survive Its Worst Ever Recession?

Bolt your doors, batter down your hatches, brace yourselves. Recession is about to make landfall.

WeWork Valuation: $2.9 Billion, Way Below Than Estimated $47 Billion 6 Month Ago

If you are thinking it is some kind of clickbait, you are highly mistaken. The debate on...

Is Bill Gates Developing Covid-19 Vaccine To Track Billions Of Users Worldwide?

Bill Gates is once again at the centre stage of controversy related to novel Coronavirus.

If you are one of those active users of PayPal, this could be alarming for you. There’s a new trojan virus on the prowl now. And it plans to take all your money away from you through the Paypal app. Let us sit back and look at this digital nuisance a bit more clearly.

The most important thing about computer viruses, especially trojans, are their disguises. They may be coming across as a utility app which doesn’t execute itself upon execution, an insignificant app asking for a lot of permissions, etc. In this case, the trojan disguises itself as a battery optimising tool. You can check the image of the malware app in the photo below.

It is available for download via third-party app stores. Once it is in fact installed in your device, the app terminates itself before execution and hides its icon. It is then that the malware gets down to business.

Advertisements

Hacking Paypal Accounts

Now that the installation of the malware into the device is completed, it is now time for it to act up. But no malware can act up unless we allow it to. Yes, you heard that right. All the malware gets the kind of dangerous access that they want because of us allowing them to do so through permissions. In this case, the permission would come across to “Enable Statistics”. May sound really harmless but is indeed very dangerous.

Once it has the permission that it needs, it prompts the user to use the official Paypal on the phone, provided that it is installed. Once the user logs in, the trojan virus gets in too. It then sends funds to the owner of the virus through a series of clicks, all within 5 seconds. It is just not possible to take evasive action during that time. What’s more is that the attack happens everytime you open your account through your Paypal app. Hence, there is a huge possibility of multiple attacks.

The 2FA bypass

Since the virus doesn’t actually collect your login credentials but waits for you to log in on your own, it bypasses the two-factor authentication (2FA) as well. According to Securenvoy, the two-factor authentication “adds another layer of security, supplementing the username and password model with a code that only a specific user has access to“. By way of protecting, the two-factor authentication just makes the user go through an extra step before logging in. With regards to viruses like the one discussed above, it is not going to be that helpful.

Are we really safe with 2FA?

For viruses like the ones mentioned above, they will only stop if the Paypal account has insufficient balance or doesn’t have a card connected to it. But this begs the question. For apps handling something as important as our money, is 2FA really safe? There have been various articles which point out the flaws in the technology and methods to override and bypass them.

Hence, the apps, especially the ones tasked with handling our money, need to figure out more secure ways to go about their business. In a world dominated by privacy, security goes a long way in enforcing brand value. Hence, the more secure an app is, the more successful it is going to be.

Advertisements

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Uber India Layoffs 25% Workforce Citing Tough Market Conditions

After laying off thousands of employees in the US, Uber is scaling down its operations in India...

Apple is Being Evil For 1.5 Billion iPhone, iPad Users Worldwide

Last year when Apple Inc. (NASDAQ:AAPL) was accused of recording everything that iPhone users were talking through Siri, the company was quick...

Is Bill Gates Developing Covid-19 Vaccine To Track Billions Of Users Worldwide?

Bill Gates is once again at the centre stage of controversy related to novel Coronavirus. Battling falsehood and paranoid...

Darkest Before Dawn: Can India Survive Its Worst Ever Recession?

Bolt your doors, batter down your hatches, brace yourselves. Recession is about to make landfall. According to Goldman Sachs, a...

Crisis Of Trust: The Glue Between Brands, Customers And Employees!

The COVID-19 crisis, which shows no sign of stopping any time soon, has left no life untouched in terms of impact. It...

WeWork Valuation: $2.9 Billion, Way Below Than Estimated $47 Billion 6 Month Ago

If you are thinking it is some kind of clickbait, you are highly mistaken. The debate on the valuation of WeWork once...

In-Depth: Dprime

Facebook Shops: Looking Beyond Ad Dollars!

Amid this global pandemic, when companies are struggling to find new verticals to pivot towards in order to maintain their revenue and...

Facebook Fake Accounts: The Inevitable Battle That May Last Forever!

For all social media platforms, battling with the growing number of scammers, hackers and all other kinds of malicious users have become...

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

More Articles Like This