Google Play hosted phishing apps impersonating Turkish cryptocurrency exchange
The Next Web -

Malicious apps impersonating Turkish cryptocurrency exchange BtcTurk are circumventing Google’s recently adopted security enhancing measures. According to researchers, the apps are accessing one-time passwords (OTPs) and SMS-based two-factor authentication (2FA), was well as some email-based 2FA systems. By impersonating the cryptocurrency exchange, the apps are able to phish for users’ login credentials. Instead of intercepting SMS messages to bypass 2FA protection on users’ accounts and...

Read this story at

Loading...

Related Articles