Cerberus banking Trojan's auction failed. Thus, leading to releasing free malware to hackers. Dmitry Galov, the Kaspersky cybersecurity researcher, said that the Cerberus v2's leaked code could increase privacy threat for smartphone users and the banking sectors.
Cerberus, a mobile banking Trojan, was designed for the Google Android operating system. The Remote Access Trojan (RAT) conducted covert surveillance, corrupt device functionality, and intercept communication since July 2019.
The malware created overlays on existing retail, bank, social networking apps to steal data, such as banking credentials. It could also read test messages containing two-factor authentication (2FA) codes and one-time passcodes.
Because of its feature, the malware could breach typical 2FA account protections and steal OTPs generated through Google Authenticator. Cerberus was first discovered by Avast researchers in Google Play in early July.
It was hard to identify since the malware was disguised as a legitimate currency converter.
What happened to the Cerberus' auction
Cerberus banking Trojan was spotted in an auction in late Jul. The malware's maintainer poster an advertisement, revealing that a new owner is needed since the development team broke up.
Also Read: FACT-CHECK: Antifa Did NOT Start Oregon Fire; Facebook to Remove Fake News on Platform
"Despite Cerberus' Russian speaking developers earmarking a new vision for the project in April this year, auctions for the source code began in late July due to the breakup of the development team," said Kaspersky.
"Due to an unclear culmination of factors, the author later decided to publish the project source code for premium users on a popular Russian-speaking underground forum," added the security firm.
The company also explained an immediate rise in mobile app infections across Russia and Europe after the Cerberus source code's free release in the underground. Previously, the malware was offered as Malware-as-a-Service (MaaS), meaning the threat was contained to hackers able to pay for the code. Cerberus' subscription ranges from $4,000 every month to $12,000 every year.
For more news updates about Cerberus and other malware, always keep your tabs open here at TechTimes.
Also Read: A Campaign App's Bug Allows Hackers to Access Millions of Americans' Sensitive Voter Info
This article is owned by TechTimes,
Written by: Giuliano de Leon.