Support

Explore

HomeNo Image is Available
About UsNo Image is Available
AuthorsNo Image is Available
TeamNo Image is Available
CareersNo Image is Available
InternshipNo Image is Available
Contact UsNo Image is Available
MethodologyNo Image is Available
Correction PolicyNo Image is Available
Non-Partnership PolicyNo Image is Available
Cookie PolicyNo Image is Available
Grievance RedressalNo Image is Available
Republishing GuidelinesNo Image is Available

Languages & Countries :






More about them

Fact CheckNo Image is Available
LawNo Image is Available
ExplainersNo Image is Available
NewsNo Image is Available
DecodeNo Image is Available
Media BuddhiNo Image is Available
Web StoriesNo Image is Available
BOOM ResearchNo Image is Available
BOOM LabsNo Image is Available
Deepfake TrackerNo Image is Available
VideosNo Image is Available

Support

Explore

HomeNo Image is Available
About UsNo Image is Available
AuthorsNo Image is Available
TeamNo Image is Available
CareersNo Image is Available
InternshipNo Image is Available
Contact UsNo Image is Available
MethodologyNo Image is Available
Correction PolicyNo Image is Available
Non-Partnership PolicyNo Image is Available
Cookie PolicyNo Image is Available
Grievance RedressalNo Image is Available
Republishing GuidelinesNo Image is Available

Languages & Countries :






More about them

Fact CheckNo Image is Available
LawNo Image is Available
ExplainersNo Image is Available
NewsNo Image is Available
DecodeNo Image is Available
Media BuddhiNo Image is Available
Web StoriesNo Image is Available
BOOM ResearchNo Image is Available
BOOM LabsNo Image is Available
Deepfake TrackerNo Image is Available
VideosNo Image is Available
Explainers

Cerberus Trojan In The Time Of COVID-19: 5 Tips To Secure Your Data

Cerberus Banking Trojan is using the COVID-19 pandemic as a guise to lure unsuspecting users into downloading malware

By - BOOM FACT Check Team | 20 May 2020 8:41 PM IST

The Central Bureau of Investigation (CBI) has put out a countrywide alert to law enforcement agencies on the basis of inputs received from Interpol about a malicious malware called Cerberus. The agency warned that using the COVID-19 pandemic as a guise to lure unsuspecting users, the Cerberus trojan sends an SMS related to the COVID-19 pandemic content to download the embedded malicious link.

Once downloaded, the trojan deploys its malicious app usually spread via phishing campaigns to trick users into installing it on their smartphones. Once the link is opened, the malware is installed on your phone and it can steal financial data such as credit card numbers. "In addition, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details," said the CBI in a press statement.

According to a cybersecurity firm, Bolster, which analysed 1 billion websites, 30% of phishing and counterfeit pages were related to COVID-19. UK's National Cyberfraud reporting centre reported a 400% increase in cyber crimes because of the COVID-19 pandemic in March. According to a Microsoft executive, more than 9,000 coronavirus-themed attacks were noticed in India between February 2 and May. 

Here are a few things you need to know about Cerberus - 

What is a banking trojan? 

A banking trojan is a malware that disguises itself as a credible app or software that users can download and install. Once in the system, it positions itself to access your banking details by disguising itself as an app that requires permission to be used. 

What is Cerberus?

Cerberus, in Greek mythology, is the monstrous watchdog of the underworld. Here, this banking trojan ( a trojan is a malicious code or software that looks legitimate) was created in 2019 and is a malware for hire for banking forums. It allows remote attackers to take control over infected android devices and can take screenshots, send, delete SMSes, and most importantly, steal your account information. With the rise of cyberthreats from Cerberus, the CBI put out an alert on malware that could steal your financial information.

How will it affect my phone?

Once your device becomes infected with Cerberus trojan, the malware will be embedded in your applications without the icon showing. It often takes the form of commonly used applications that we need to switch on often, like the Flash Player Service, to gain accessibility permission.

After permission is granted, it will allow the hacker to gain control over the device remotely.

To gain information about the victim's banking information, Cerberus will launch 'screen overlay attacks.' This means that the hacker will be able to capture the data the user enters into an app that you are entering by casting a transparent overlay. Eg. Cerberus can display an overlay on top of an actual mobile banking app and can trick the users into entering their banking credentials into the fake login screen. This way, the hacker acquires your financial information.  

What makes Cerberus specifically dangerous is that it has specified attacks for 30 unique targets and banking apps, and it can keep making unique targets for its attacks. 

Here are a few tips to be safe:

-Don't click on email attachments or links that come from an unknown sender.
-Update your passwords regularly and make sure they are strong.
-Install anti-malware software on your phone.
-Back up all your important files and store them independently on a different system.
-Disable third-party applications on your phone that could be vulnerable entry points. 


Tags: