Cerberus is a
trojan horse
The Trojan Horse was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer's ''Iliad'', with the poem ending before the war is concluded, ...
targeting
Android
Android may refer to:
Science and technology
* Android (robot), a humanoid robot or synthetic organism designed to imitate a human
* Android (operating system), Google's mobile operating system
** Bugdroid, a Google mascot sometimes referred to ...
mobile phone banking credentials.
History
It was initially spotted in June 2019.
It was spotted targeting Spanish and Latin American targets in September 2019.
Its attacks are capable of stealing Google Authenticator and SMS 2FA tokens, behavior that was spotted in February 2020.
In April 2020, variants has been spotted posing as
COVID-19
Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was identified in Wuhan, China, in December 2019. The disease quickl ...
-related apps.
Research indicates that Cerberus has developed overlay attacks for over 30 unique targets, making it a versatile threat in the mobile banking landscape.
Cerberus is capable of logging all keystrokes (including passwords) and stealing
2FA
Multi-factor authentication (MFA; encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting ...
tokens from
Google Authenticator
Google Authenticator is a software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP; specified in RFC 6238) and HMAC-based One-time Password algorithm (HOTP; sp ...
and SMS messages. It also allows remote control over the device using
TeamViewer.
It is sold as Malware as a service on underground forums.
References
Trojan horses
{{Malware-stub