Security researchers at Slovakia’s ESET have identified a new banking Trojan that bypasses PayPal’s two-factor authentication (2FA) to steal funds – waiting until users have fully logged in before enabling its exploit. The multifaceted malware also has a secondary function, downloading HTML-based phishing overlay screens for five apps – Google Play, WhatsApp, Skype, Viber, and Gmail – an initial list that can be dynamically updated.

Read full news article on CBR – CyberSecurity News