A banking Trojan disguised as an app has infected 10,000 smartphones

A banking Trojan disguised as an app has infected 10,000 smartphones

It looked like a currency conversion application. With this trick Cerberus has managed to infiltrate thousands of devices by stealing bank data

Cerberus, a banking Trojan has disguised itself as a legitimate application to enter users' devices (photo: Avast) Cyber ​​threats are finding ever more ingenious ways to get to users' devices. This is the case of Cerberus, a banking trojan that, disguised as a harmless application to calculate the currency conversion, has entered smoothly into the Googl P lay Store and managing to total over 10 thousand downloads on Android devices in Spain .

Researchers from Avast, a cybersecurity company that owns the antivirus of the same name, brought the dangerous malware to the attention.

The disguise of the banking trojan was an application called Calculadora de Moneda to currency conversion. In doing so, it did not attract the attention of the Google Play Protect team, which constantly monitors the store for possible threats to the safety of its users.

Later, the actors who controlled the application have the banking trojan has been activated through commands given by a Command & control (C & c) server. In doing so, unbeknownst to users, Cerberus took the place of the application installed on the devices and was able to steal all access data to current accounts, read text messages and thus access authentication details. two-factor. In short, this malware was able to bypass all the security measures imposed by a user to protect his accounts.

The Avast Threat Labs, explained that the C&C server linked to this application remained active until a few days ago when the cyber criminals have them turned off, thus interrupting the sending of the malicious code. “ This, ” explain experts in cybersecurity, “ is a tactic often employed by fraudsters to hide from detection, limiting the temporal window in which you can discover the malicious activity ”.

This malware has aroused particular interest for the way in which he managed to evade the controls on the Play Store and pretending to be a legitimate application by tricking thousands of users. For this reason, the experts of Avast recommend to always verify that the banking application you are using is certified and pay attention to the permissions required by an application during installation.





Powered by Blogger.