Cerberus banking Trojan's auction failed. Thus, leading to releasing free malware to hackers. Dmitry Galov, the Kaspersky cybersecurity researcher, said that the Cerberus v2's leaked code could increase privacy threat for smartphone users and the banking sectors. 

Also Read: Razer Leaks 100,000+ Private Data While Reports About the Breach Bounce from One Support Representative to Another

Cerberus, a mobile banking Trojan, was designed for the Google Android operating system. The Remote Access Trojan (RAT) conducted covert surveillance, corrupt device functionality, and intercept communication since July 2019.

Also Read: Microsoft Cyberattack Revelations: Russia Tries to 'Denigrate' Biden, Iran Wants to 'Undermine' US Institutions, China Targets Trump!

The malware created overlays on existing retail, bank, social networking apps to steal data, such as banking credentials. It could also read test messages containing two-factor authentication (2FA) codes and one-time passcodes.

Because of its feature, the malware could breach typical 2FA account protections and steal OTPs generated through Google Authenticator. Cerberus was first discovered by Avast researchers in Google Play in early July.

It was hard to identify since the malware was disguised as a legitimate currency converter.

What happened to the Cerberus' auction

Cerberus banking Trojan was spotted in an auction in late Jul. The malware's maintainer poster an advertisement, revealing that a new owner is needed since the development team broke up.

Also Read: FACT-CHECK: Antifa Did NOT Start Oregon Fire; Facebook to Remove Fake News on Platform

The auction starting price was $50,000 and aimed to generate around $100,000 for the malware's client list, code for administrator panels, APK source code, and servers. The auctioneer confirmed that it only generated $10,000 in revenue per month.

"Despite Cerberus' Russian speaking developers earmarking a new vision for the project in April this year, auctions for the source code began in late July due to the breakup of the development team," said Kaspersky.

"Due to an unclear culmination of factors, the author later decided to publish the project source code for premium users on a popular Russian-speaking underground forum," added the security firm.

The company also explained an immediate rise in mobile app infections across Russia and Europe after the Cerberus source code's free release in the underground. Previously, the malware was offered as Malware-as-a-Service (MaaS), meaning the threat was contained to hackers able to pay for the code. Cerberus' subscription ranges from $4,000 every month to $12,000 every year.   

For more news updates about Cerberus and other malware, always keep your tabs open here at TechTimes.

Also Read: A Campaign App's Bug Allows Hackers to Access Millions of Americans' Sensitive Voter Info

This article is owned by TechTimes,

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion