Cerberus Banking Trojan Analysis

Author: Fatih Kayran

Today’s cyber world is swarming with mobile devices, and each day more companies start to use them. With this rising trend in the use of mobile devices and applications, the mobile landscape has become one of the main concerns in cyber security. In this report we give in-depth information about a specific malware family targeting banking apps. Fortunately, if the correct mitigations and countermeasures are applied, these fraud attempts and violations can be recognized and prevented beforehand.

In our research, we discovered groups that specifically target Turkish banks using Banking-Trojans. With this malicious application, they are capable of stealing user credentials such as credit card numbers, citizen numbers, banking credentials, etc. After acquiring a victim’s information, these groups use the obtained credentials to withdraw money from the victim’s bank.

Banking-Trojans can be described as malware specifically targeting apps or sites directly related to banks, but new-generation Banking-Trojans are much more capable than that. With these new-generation Banking-Trojans, actors not only compromise users’ bank account credentials but also acquire full control of the victims’ phones. In this research we investigate one of the most powerful Android Banking-Trojans made to date, called ‘Cerberus’.

Detailed analysis, countermeasures and analysis tools are included in the white-paper. You can access the white-paper via this link.

