Is there a known sec threat w Google 2-step Verification

Discussion in 'Malware Removal Assistance For Mac' started by Box-er, Jul 12, 2017.

  1. Box-er

    Box-er New Member

    Jul 12, 2017
    US, State of Iowa
    Device model:
    Samsung Galaxie S6
    Operating System and Version:
    Android 7.0
    Super User:
    Infection date and initial symptoms:
    Current issues and symptoms:
    Attempted to buy a digital book + audio from Google Books. After hitting "Buy" button, asked me to log into my Google account. I use 2-step verification for Google logins. After entering my u/n and pw, I rcvd the screen saying I was being sent a verification code (line for entering code is prefaced with "G-").

    When received, I entered the code and pressed "Next", but was (if I can recall) presented again with the same screen saying I was being sent a "G-" verification code. Thinking I failed to enter the 1st code correctly, I thought nothing of the failure to finish login.
    However, the second verification code was the same... and whereas all previous Google verification messages were received from Google verify, # "224444", the second (duplicate) code was sent from an actual 10-digit phone number - one from which I've never rcvd a message (not sure if I should include the # here).

    Only help on Google site was a user describing the same thing back in 2013 (though s/he reported he always receives his codes from the same 10-digit phone number, and suspected the message he rcvd from (#224444") might be bogus).

    Only reply he rcvd was from someone supposedly with Google who said the vodes should not ever be received from an actual phone number (by which I assume he meant to refer to a standard 10-digit phone, in the US).

    I am at home on a wi-fi network protected by a Bitdefender Box. The phone on which this suspicious activity occurred is listed as a fully-defined "Family" Device, yet is not and has not been showing as being protected for some time (the Box app says the phone as inactive on the network). I've checked, and the MAC address is correct. The phone is definitely accessing the network -- I am using the phone to submit this post. It just happens to also be the device on which the "Box" app is installed (which is not pw protected... I'm beginning to feel rather squeemish right now.)

    Truth is, I've suspected there's uninvited guests in the network, but the Box, nor the Bitdefender virus sw installed on my primary machine (laptop) has ever detected a problem that hasn't been dispatched.
    Steps taken in order to remove the infection:
    Dont know yet if this is an infection - that's my question.
    Need to know if the info above is a possible problem. Thus far, Ive not done anything to address a possible malware infection. However, I have feared there are problems w my laptop (also on same wifi nw)... until the last month or two, MS Win Update was broke, and I could not find a way to install security or other updates.

    Suddenly began installing updates 4 to 8 weeks ago, but many are waiting for reboot. However, when does reboot, encounters a fault and backs out install of pending updates installed to that point. Same has now been constant for approx 2 wks (on my laptop).
Similar Threads Forum Date
Anonymous #OpIsrael Participants Targeted with RATs by Unknown Threat Actor News Archive Apr 6, 2017
Off-Topic Old, lesser known AV boxes! (Pictures) Off Topic Tuesday at 7:26 PM
Special Samples Unknown Malware (Dropper & Payload) - 17.03.2018 Malware Vault (Samples) Mar 17, 2018