Cerberus Android Banking Trojan is back with more power and benefiting from the COVID-19
pandemic fear. It can by-pass Google Authenticator two-factor authentication which is considered more secure alternative to SMS. It spread via phishing or by an SMS link that usually say on the lines of "install this app and get ahead of Corona epidemic". After install it can steal sensitive information such as banking information, crypto wallets and with the availability of RAT it can also extract and pass data to its operators. It can extract data from non-banking apps like messaging applications installed on the victim's device such as Telegram, WhatsApp or Gmail. This information can later be exploited for ransom. It will send SMS and emails from the compromised devices which appear to come from the victim itself, which lead to its fast propagation. It can infect Android version from 4 to 10.
Cerberus Trojan Sample 1 Signatures
Cerberus Trojan Sample 1 Download
Cerberus Trojan Sample 2 Signatures
Cerberus Trojan Sample 2 Download