Security researchers say that an Android malware strain can now
extract and steal one-time passcodes (OTP) generated through
Google Authenticator, a mobile app that’s used as a two-factor
authentication (2FA) layer for many online accounts.
Google launched the Authenticator mobile app in 2010. The app
works by generating six to eight-digits-long unique codes that
users must enter in login forms while trying to access online