‘Secure’ 2FA has more holes than Swiss cheese: Trend Micro

Cybersec firm identifies malware gang exploiting Android vulnerabilities to spoof live two-factor credentials

By Stephen McBride. Published July 24, 2014

Users of online banking services on Android-based smartphones, even those using two-factor authentication (2FA), may not be as secure as they think, according to a new report from digital security specialist Trend Micro.

Comparing banks' cyber protection methods to Swiss cheese, in reference to vulnerabilities, or "holes", in their security layers, Trend said in a statement: "Banks have been trying to prevent crooks from accessing your online accounts for ages. Passwords, PINs, co-ordinate cards, TANs, session tokens - all were created to help prevent banking fraud."

But recently Trend Micro researchers discovered a cyber-criminal ring that was engaged in an operation to compromise session tokens. Trend dubbed the operation "Emmental", in reference to the hole-ridden Swiss cheese.

In Europe, many banks implement 2FA by texting a session token to a user who logs in using their correct username and password. After the text is sent to the user's mobile phone, they have a short space of time to enter the session token before it expires.

The Emmental gang targets countries where the use of 2FA by SMS is widespread. Users receive an email that spoofs a well-known online retailer. If they click a link within the message, their phone becomes infected with malware. The malware changes configuration settings and then removes itself, and so cannot be detected in subsequent infection scans.
