A new Android threat attacks two-factor identification

Websites and apps need to come with security measures for users. Two-factor authentication makes sure that an individual has a password to log into the app or website, but this is not enough because hackers are constantly coming up with new ways to hack it.

The case

The Escoba Trojan attacks the second leg of two-step authentication, considered almost perfectly secure until now: it tries to steal the Google Authenticator application’s codes to authorize access to login information. It goes without saying how dangerous this is: if the Trojan succeeds, others can easily log in to Facebook or a banking platform. The Trojan can also take screenshots.

What is Two-factor authentication?

Two-factor authentication is a security method that requires the user to provide two different means of identifying themselves. It’s most commonly used to log into a service and verify an account using something other than an email or password, such as a code sent to a phone via text message or an app on your phone. This method helps prevent identity theft and hacking.

What is Google Authenticator?

Google Authenticator is a two-step authentication system that makes it more difficult for hackers to access your account. Google Authenticator was first put into use in 2013 and has been growing in demand. The first step of the process requires entering a six-digit code sent to your phone. After entering the code, you need to confirm it on your phone. This process can be repeated as many times as needed before the code expires.


Android users are being warned of a new Android threat that compromises two-factor identification mechanisms. The threat, known as Badlocker, targets devices running version 4.4 (KitKat) and above of the Android operating system. Devices that have been infected with Badlocker can be used to steal user credentials, including passwords and PINs, from other apps on the device and from third-party services. Because two-factor authentication is based on verification of identity plus something you know (a password or PIN), Badlocker presents a severe security risk to users who are not careful about how they protect their data.