Malware Bypasses Android-based two-factor authentication systems in use at 34 banks across four different countries. Operation Emmental attacks have been actively targeting customers of financial services firms not just in Switzerland, but also Austria, Sweden, and starting in May, Japan. Attackers use a session-based token, sent via SMS, to act as a second factor for authenticating users before they’re allowed to log into their online bank account. The identity of the gang that’s running the campaign remains a mystery, although log logs show that infected PCs are communicating with malicious infrastructure.”]
Source: https://www.cuinfosecurity.com/malware-bypasses-2-factor-authentication-a-7090