
Cerberus Unchained: The Multi-Stage Trojan Banking Campaign Targeting Android Devices

Threat Actors: Cerberus (also known as ErrorFather)
Campaign Overview: Cerberus reemerges as a multi-stage banking trojan targeting Android devices, stealing banking credentials, SMS data, and contact lists.
Target Regions (Or Victims): Global, primarily targeting Android users
Methodology: Uses overlay attacks, keylogging, and dynamic C2 communication via Domain Generation Algorithms (DGAs).
Product Targeted: Android devices, specifically banking apps, SMS, and contacts.
Malware Reference: Cerberus (Android banking trojan)
Tools Used: Keylogging, Remote Access, Domain Generation Algorithms (DGAs), encrypted payloads, droppers, native libraries.
Vulnerabilities Exploited: Android security vulnerabilities, primarily through overlay attacks, keylogging, and app masquerading.
TTPs: Masquerading as trusted apps, keylogging, phishing, C2 encryption, Dynamic Resolution (DGA), encrypted communications.
Attribution: Unknown, likely criminal groups focused on financial theft and espionage.
Recommendations: App verification, endpoint security, user training, multi-layered defense, anti-keylogging measures, and network monitoring.
Source: SOCRadar

Read full article: https://socradar.io/cerberus-multi-stage-trojan-banking-campaign/

The above summary has been generated by an AI language model


Source: SOCRadar

Published on: January 5, 2025
