Cerberus (Android)

From Wikipedia, the free encyclopedia

Cerberus is a trojan horse that targets banking credentials on Android mobile phones.

History

It was initially spotted in June 2019.[1] In September 2019, it was spotted targeting Spanish and Latin American targets.[2] Its attacks are capable of stealing Google Authenticator and SMS 2FA tokens, behavior that was spotted in February 2020.[1] In April 2020, variants were spotted posing as COVID-19-related apps.[3]

Research indicates that Cerberus has developed overlay attacks for over 30 unique targets, making it a versatile threat in the mobile banking landscape.[4]

Cerberus is capable of logging all keystrokes (including passwords) and stealing 2FA tokens from Google Authenticator and SMS messages. It also allows remote control over the device using TeamViewer.[5] It is sold as malware as a service on underground forums.[6]

References

  1. Cimpanu, Catalin (2020-02-27). "Android malware can steal Google Authenticator 2FA codes". ZDNet. Retrieved 2020-04-28.
  2. "Cerberus Android Malware Gains Ability to Steal 2FA Tokens, Screen Lock Credentials". Security Intelligence. 2020-03-02. Retrieved 2020-04-28.
  3. "Coronavirus stimulus scams are here. How to identify these new online and text attacks". CNET. Retrieved 2020-04-28.
  4. "Defend Against Cerberus Trojan Threats". Zimperium. Retrieved 2024-08-07.
  5. Doffman, Zak (2020-04-09). "New Android Coronavirus Malware Threat Exposed: Here's What You Must Not Do". Forbes. Retrieved 2020-04-28.
  6. "Malicious coronavirus-themed apps target Android devices". TechRepublic. 2020-03-18. Retrieved 2020-04-28.