HIGHLIGHTS 

The Vultr virus was found in the 2FA Authenticator software.

When a banking app is utilised, it is capable of capturing the screen.

The virus was designed to look like an open-source two-factor authentication application.

WHY IN NEWS 

Two-factor authentication is commonly regarded as one of the most secure ways to protect accounts online, but a phoney software posing as one was recently discovered taking financial information from Android smartphone users. The programme was revealed to be posing as an open-source app with the same features, according to a security firm. The two-factor authentication software, which was infested with a malevolent banking malware, was downloaded over 10,000 times before being deleted by Google, the latest example of criminal developers devising new ways to steal user data.

also read : https://tinyurl.com/3kppwrmw

Researchers from security firm Pradeo have discovered the '2FA Authenticator' app as malware, and it contains the hazardous Vultur Android virus. When the Vultur virus infects an Android smartphone, attackers can utilise remote access software to duplicate the user's screen and steal login credentials. The spyware, which was initially detected last year, may capture a smartphone's screen while using finance-related apps. The 2FA Authenticator software, according to the researchers, is meant to seem like the open-source Aegis Authenticator app in order to keep a low profile. It assaults the gadgets of the users in two phases. The malicious code in the app allows it to gather and send a list of installed apps on a user's phone as well as their location, and then launch attacks against apps in those locations. Under the pretext of giving updates, it may also disable the phone's PIN or password and download third-party apps.

also read : https://tinyurl.com/5n7r43nf

After determining the user's location, the malware instals the Vultur malware, which may steal user credentials from a user's smartphone using remote screen access when banking and cryptocurrency apps are used. The virus may also do actions even when the app is closed, thanks to a vital permission called SYSTEM ALERT WINDOW, which allows it to overlay apps on the smartphone. Before being banned by Google, the software spent 15 days on the Google Play store, racking up over 10,000 downloads. According to the researchers, individuals who have the software installed on their smartphone should delete it immediately.