A new malware, called Cerberus, is currently targeting smartphones running Android, by stealing passwords provided by the Google Authenticator application.
According to the team's report, Cerberus can do something that very few other Trojans can do – “disable” the Google Authenticator application.
They do this by stealing the 6-digit code used to secure access to Bitcoin wallets or accounts on cryptocurrency exchanges.
Until now, Google Authenticator is the best security application, much more efficient than the security code sent via SMS.
ThreatFabric's report says that the latest versions of this Trojan have been significantly improved and their functionality is now almost identical to the remotely accessible Trojans. The latter is thought to be a very dangerous type of malware.
The researchers said that, so far, this upgraded Trojan has not yet been shared on hacker forums. However, they warn this could also happen in the near future.