According to ThreatFabric, the malware is not yet being distributed or advertised on underground forums
Two-Factor Authentication (2FA) was the industry's answer to curbing illegitimate access to online accounts. It was adopted especially to prevent bank accounts from being hacked and was eventually utilized by companies like Google, Facebook and Apple. Now a new security threat is said to be able to steal 2FA codes from Google Authenticator.
According to ThreatFabric, new Android malware is capable of stealing 2FA codes from Google's app. Typically, apps like Google's 2FA app, or Microsoft's app for that matter, are considered safer than the SMS method of receiving 2FA codes. This is because SMS isn't transmitted over a secure protocol and can be intercepted. Then there's the additional threat of SIM cloning, which has led to multiple counts of banking fraud in the past. Now, it would appear that Google's 2FA app has also been proven to be vulnerable.
According to ThreatFabric, the malware is not yet being distributed or advertised on underground forums, suggesting that the hack may still be in testing stages. What we don't know yet is whether the malware is exploiting something in the Android OS or a weakness in Google's 2FA app to gain access to the codes. The report lists the vulnerability as impacting only Android, meaning iOS users are still secure. This could also mean that the malware exploits a combination of weaknesses in Android and the 2FA app.
There is also no information on whether the malware would make other 2FA apps vulnerable, but in either case, it is something to be supremely worried about.