Cerberus (Android) Explained

Cerberus is a trojan horse that targets banking credentials on Android mobile phones.

History

It was initially spotted in June 2019.[1] In September 2019 it was spotted attacking Spanish and Latin American targets.[2] Its attacks are capable of stealing Google Authenticator and SMS 2FA tokens, behavior that was spotted in February 2020. In April 2020, variants were spotted posing as COVID-19-related apps.[3]

Research indicates that Cerberus has developed overlay attacks for over 30 unique targets, making it a versatile threat in the mobile banking landscape.[4]

Cerberus is capable of logging all keystrokes (including passwords) and stealing 2FA tokens from Google Authenticator and SMS messages. It also allows remote control over the device using TeamViewer.[5] It is sold as malware as a service on underground forums.[6]

Notes and References

  1. Cimpanu, Catalin. Android malware can steal Google Authenticator 2FA codes. ZDNet. 2020-02-27. 2020-04-28.
  2. Cerberus Android Malware Gains Ability to Steal 2FA Tokens, Screen Lock Credentials. Security Intelligence. 2020-03-02. 2020-04-28.
  3. Coronavirus stimulus scams are here. How to identify these new online and text attacks. CNET. 28 April 2020.
  4. Defend Against Cerberus Trojan Threats. Zimperium. 2024-08-07.
  5. Doffman, Zak. New Android Coronavirus Malware Threat Exposed: Here's What You Must Not Do. Forbes. 2020-04-09. 2020-04-28.
  6. Malicious coronavirus-themed apps target Android devices. TechRepublic. 2020-03-18. 2020-04-28.