Cyber criminals have started to use the Android banking Trojan "iBanking" to bypass Facebook's two-factor verification.
iBanking is a malicious Android application capable of intercepting SMS messages, forwarding incoming voice calls to any number, and recording the victim's voice using the microphone.
Recently, RSA noted the release of source code for the iBanking trojan. This source code leak helped other cyber criminals to customize this trojan according to their needs.
ESET reports that a customized iBanking malware targeting Facebook users is being delivered via a new variant of the computer banking Trojan Qadars.
When a system is infected with the Qadars Trojan, it shows a message when the user logs into Facebook, telling them "Facebook introduces new extra safety protection system" and instructing them to install an Android app. This app helps the cybercriminals intercept SMS messages so that they can bypass Facebook's two-factor verification.
"The way iBanking is installed on the user’s mobile is quite common, but it is the first time we have seen such a mobile application targeting Facebook users for account fraud," researchers said.