Rise Of The Cerberus, Financial Institutions Warned Ahead

May 20 , 2020

Named after the monstrous wrath dog of the underworld from greek mythology, Cerberus is a banking trojan, created by the remote attackers which allows it to steal the account data, SMSs and all other important data of the device.

Taking advantage of the ongoing pandemic situation, scammers are targeting the financial data of the users' smartphones. Cerberus, the malicious software is being blessed with the amid pandemic scenario impersonates and sends SMSs providing some content and links that might deploy it’s malicious app by usually by sending emails pretending that they are from reputed companies and procuring the personal data that reveals the financial credentials of the customer. Recently on Tuesday the CBI announced that this kind of trojan often tends to be tricky for the users as they ask to provide the authentication details. CERT recently issued a security notification regarding zoom stating it as not a safe platform for the usage of individuals. The cerberus is more impacted to the internet users who are involved in the work from home jobs.

Impertinent behaviour and speed of criminal activity has been increasing from the time since our prime minister Narendra Modi has announced about the PM cares fund for helping the victims of COVID-19 pandemic. Various cerberus attacks have been phished off to transfer money in the name of treating patients. Fraudulent E- commerce sites have developed rapidly promising to treat corona victims.

The investigator could face the challenges like sending email to susceptible people for sharing password and bank credentials. Meanwhile the fraudsters are surging their way through the meeting places of corporate offices like google hangout and zoom. Some of the advisories warned that usage of open WiFi networks is dangerous also changing the default passwords would reduce the risk of the crime happening forth.

Operation Pangaea was launched by the INTERPOL to eradicate this kind of malicious software and nearly around 120 criminals from 90 countries which would worth around 14 million dollars were caught by them but this has not been executed in Indian government didn’t have any such kind of execution for such kind of issues. Slew of malicious software has become a banking trojan exploiting the name of coronavirus.

Cerberus makes use of an overlay top display of an actual mobile banking app and can trick the users into entering their banking credentials into the fake login screen. All the financial data can be acquired by the remote attackers. Such kind attacks are done for unique targets and banking apps. When the cerberus trojan gets installed in your device it doesn't show any icon for the application to the user. It pretends to act like a flash player in order to gain permission from the system.

By chance if the software gets installed due the lack of security it automatically registers the command and control over the systems. To robb the credential information of the device it launches remote screen overlay attacks. This impinges the customers to provide their details on some of the websites with fake login screens. The victim totally gets devastated by all the credential data over their respective devices.

To be safe from such malicious practices one should beware of downloading the applications as this malware relies on social engineering tactics to make its way onto a victim’s device. Click the links from trusted sources, if you receive any suspicious link stay cautious and avoid interacting with the message. Using an antivirus software would be more adorable to protect from such harming trojans.

Software files especially from the third party unofficial sites shady sites, third party downloaders, Peer-to-Peer networks, freeware download pages, free file hosting sites, etc., can be and often are used to proliferate malicious programs. Third party, fake installers are often used to spread malware too. If the above precautions are taken care off the malicious software could not be encouraged and there shall be no threat for the users credentials.