The Central Bureau of Investigation (CBI) has put out a countrywide alert to law enforcement agencies on the basis of inputs received from Interpol about a malicious malware called Cerberus. The agency warned that using the COVID-19 pandemic as a guise to lure unsuspecting users, the Cerberus trojan sends an SMS related to the COVID-19 pandemic content to download the embedded malicious link.
Once downloaded, the trojan deploys its malicious app usually spread via phishing campaigns to trick users into installing it on their smartphones. Once the link is opened, the malware is installed on your phone and it can steal financial data such as credit card numbers. "In addition, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details," said the CBI in a press statement.
According to a cybersecurity firm, Bolster, which analysed 1 billion websites, 30% of phishing and counterfeit pages were related to COVID-19. UK's National Cyberfraud reporting centre reported a 400% increase in cyber crimes because of the COVID-19 pandemic in March. According to a Microsoft executive, more than 9,000 coronavirus-themed attacks were noticed in India between February 2 and May.
Here are a few things you need to know about Cerberus -
What is a banking trojan?
A banking trojan is a malware that disguises itself as a credible app or software that users can download and install. Once in the system, it positions itself to access your banking details by disguising itself as an app that requires permission to be used.
What is Cerberus?
Cerberus, in Greek mythology, is the monstrous watchdog of the underworld. Here, this banking trojan ( a trojan is a malicious code or software that looks legitimate) was created in 2019 and is a malware for hire for banking forums. It allows remote attackers to take control over infected android devices and can take screenshots, send, delete SMSes, and most importantly, steal your account information. With the rise of cyberthreats from Cerberus, the CBI put out an alert on malware that could steal your financial information.
How will it affect my phone?
Once your device becomes infected with Cerberus trojan, the malware will be embedded in your applications without the icon showing. It often takes the form of commonly used applications that we need to switch on often, like the Flash Player Service, to gain accessibility permission.
After permission is granted, it will allow the hacker to gain control over the device remotely.
To gain information about the victim's banking information, Cerberus will launch 'screen overlay attacks.' This means that the hacker will be able to capture the data the user enters into an app that you are entering by casting a transparent overlay. Eg. Cerberus can display an overlay on top of an actual mobile banking app and can trick the users into entering their banking credentials into the fake login screen. This way, the hacker acquires your financial information.
What makes Cerberus specifically dangerous is that it has specified attacks for 30 unique targets and banking apps, and it can keep making unique targets for its attacks.
Here are a few tips to be safe:
-Don't click on email attachments or links that come from an unknown sender.
-Update your passwords regularly and make sure they are strong.
-Install anti-malware software on your phone.
-Back up all your important files and store them independently on a different system.
-Disable third-party applications on your phone that could be vulnerable entry points.