Cybersecurity firm from Amsterdam, ThreatFabric, has reportedly disclosed details about “Cerberus” – the Trojan responsible for illegally acquiring Google Authenticator-created 2-Factor Authentication (2FA) codes, for internet banking, email accounts, and crypto exchanges.
Particularly, major crypto exchange heavyweight from the US, Coinbase, is named in the target list of crypto platforms of Cerberus – which also has other key players in the financial sector across the globe, and social media apps.
ThreatFabric also notified that no dark web-based promotions for the updates of Cerberus has surfaced, meaning that the updated version can potentially still be “in the test phase but might be released soon.”
Per the report, researchers have come across the Remote Access Trojan “Cerberus” towards the end of June last year, taking the place of the Anubis Trojan, and has established its reputation as a major Malware-as-a-Service product.
Cerberus underwent its update process in the middle of January this year, with the latest support feature for illegally acquiring 2FA tokens from Google Authenticator, along with device screen-lock PIN codes and swipe patterns.
Upon its installation, Cerberus will hijack the content and allow the hacker to gain complete control over the devices. Then, the RAT will be able to log into bank and crypto exchange apps.
The Cerberus, along with 2 other post-Anubis trojans, “Hydra” and “Gustaff”, have reportedly target a total of 26 crypto exchange platforms, including Coinbase, Binance, Xapo, Wirex, and Bitpay – all offer facilitating support for major coins, nominally Bitcoin (BTC), Ethereum (ETH), and Bitcoin Cash (BCH).
Comments