It is believed that an attacker can’t hack a facebook account which has enabled two-step authentication and other additional security check, even if he knows the username and password. But, not more! Vulnerabilities in android apps can make it possible.
Cyber criminals have started to use Android Banking Trojan “iBanking” to bypass Facebook’s two-factor verification.
iBanking is malicious android application capable of intercepting SMS messages, forwarding incoming voice calls to any number and record victim’s voice using mic.
Freshly, RSA noted the release of source code for the iBanking trojan. This source code leak helped other cyber criminals to customize this trojan according to their needs.
ESET reports that a customized iBanking malware targeting Facebook users is being delivered via a new variant of Computer Banking Trojan Qadars.
When a system is infected with Qadars Trojan, it will show a message when user is logging into Facebook telling them “Facebook introduces new extra safety protection system” and instructs them to install an android app. This app will help cybercriminals to intercept SMS so that they can bypass the Facebook’s two-factor verification.
The post iBanking – Android app! helping to hack facebook accounts appeared first on Am I Hacker Proof.
View full post on Am I Hacker Proof