November 30, 2023

Cerberus Trojan virus steals cryptocurrency user data

Cerberus Trojan virus steals cryptocurrency user data

Amsterdam-based cybersecurity company ThreatFabric reports that it recently...An updated Trojan virus attacked Binance, Coinbase and other leading cryptocurrency exchanges.

According to a ThreatFabric report published onThis week, the Cerberus Trojan virus is focused on cryptocurrency exchanges, including such popular platforms as Binance and Coinbase. The virus is able to steal 2-factor authentication codes (2FA) created using the Google Authenticator application, which has become the main means of protection for many users.

Cerberus, which is classified as a TrojanRemote Access (RAT) was first identified in June 2019. Subsequently, the virus was updated in January 2020, being able to steal 2FA codes from Google Authenticator, in addition to the PIN codes used to lock the device’s screen.

After infection, the virus can download the contents of the device and establish a remote connection, which provides the hacker with complete control over any application on the device.

«A function that ensures theft of accountdevice lock screen data (PIN and lock pattern) is provided by a simple overlay that will require the victim to unlock the device. From the implementation of the RAT, we can conclude that it is designed to allow criminals to remotely unlock the device when the victim is not using the device», - wrote in ThreatFabric.

This once again confirms the creativity of criminals who do not stop looking for tools to achieve fraudulent goals.


Rate this publication