Android ‘Escobar’ malware steals your 2FA codes — and takes over your phone

An Android banking Trojan called “Escobar” masquerades as a McAfee antivirus app and steals one-time codes from Google Authenticator, once again explaining why you don’t want to install apps outside the official Google Play Store.

The app can also steal SMS text messages and media files, make phone calls, track your location, use the phone’s camera, uninstall apps, inject new URLs into web browsers, and, most destructively, use VNC’s entire remote desktop functionality to take over the phone.