Cerberus Malware Improved To Pilfer Google Authenticator 2FA Codes

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

The Android banking trojan that entered the realm of cyber threats is now back stronger than ever. Researchers have revealed that the Cerberus malware has been improved to steal Google Authenticator 2FA codes.

Cerberus Malware Overview

In 2019, researchers from ThreatFabric uncovered a banking Trojan targeting Android devices. The malware named ‘Cerberus’ bragged an entirely new code. Yet it possessed similar functionalities as that of any other banking trojan. However, it was also capable of ditching security checks that made it desirable for attacks.

Upon reaching the target device, it gained elevated privileges by exploiting accessibility service to access other features. Moreover, it also disabled Google Play Protect to escape detection. Plus, its robust and active social media presence also made it distinct from typical malware.

Cerberus Improved To Pilfer Google Authenticator Codes

Despite being unique, Cerberus lacked the precision to compete with Anubis malware. However, ThreatFabric researchers have now revealed changes in Cerberus malware. According to their recent report, the new Cerberus malware variant now comes with enhanced and improved RAT capability. This functionality empowers it to steal 2FA codes too. As stated,

This new Cerberus variant has undergone refactoring of the code base and updates of the C2 communication protocol, but most notably it got enhanced with the RAT capability, possibility to steal device screen-lock credentials (PIN code or swipe pattern) and 2FA tokens from the Google Authenticator application.

Using the same capability, the malware can also launch TeamViewer on the target device to gain remote access.

The researchers believe that the new strain might still be in the testing phase considering the absence of any formal announcement about the improvisation.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!