Crypto trading is apparently being targeted by a new banking Trojan that stole Google 2FA Codes on their accounts. The Trojan "Cerberus" that can steal 2-Factor Authentication (2FA) codes generated by the Google Authenticator application for internet banking applications, email accounts, and cryptocurrency exchanges has been identified by ThreatFabric, a cybersecurity firm based in Amsterdam. specializing in threats to the financial industry.
One of the targets of the "Cerberus" Trojan attack was the US-based cryptocurrency exchange Coinbase which also includes major financial institutions around the world and social media applications as well.
The Cybersecurity Firm notes that they have not identified any messages from this "Cerberus" Trojan. According to a report from ThreatFabric states that Remote Access Trojan (RAT) "Cerberus," was first identified in late June where this RAT replaced the Anubis Trojan and emerged as the flagship Malware-as-a-Service product that had been previously identified.
It can be concluded from the report that Cerberus was updated in mid-January 2020, with a new version that introduced the ability to steal 2FA tokens from Google Authenticator, as well as a device screen lock PIN code and swipe pattern so that Cerberus could possibly take over someone's account.
This Cerberus attack, once installed on the user's device, Cerberus can download device content, and establish a connection that provides remote access to fully operate a device. The Cerberus RAT can then be used to operate any application on the device it has compromised including banks and cryptocurrency exchange applications.
Also the report examined two other RATs that became famous after Anubis namely "Hydra" and "Gustaff". For this Gustaff variant, Australian and Canadian banks, cryptocurrency wallets and government websites were targeted, while the Hydra variant recently expanded its scope after briefly targeting Turkish banks and blockchain wallets.
Including Cerberus, the three Trojans target more than 26 cryptocurrency exchanges and also include Coinbase, Binance, Xapo, Wirex, and Bitpay which have become leaders in the crypto field.
It is also known that its more than 20 targets are wallet providers offering support for leading cryptocurrencies including Bitcoin (BTC), Ethereum (ETH), and Bitcoin Cash (BCH). One potential defense against this Cerberus attack is to use a physical authentication key to prevent remote attacks such as fingerprint locks and the like.
picture from pixabay.com
original news at https://cointelegraph.com/news/threat-alert-new-trojans-targeting-major-crypto-exchanges-apps-discovered
Source
Plagiarism is the copying & pasting of others' work without giving credit to the original author or artist. Plagiarized posts are considered fraud and violate the intellectual property rights of the original creator.
Fraud is discouraged by the community and may result in the account being Blacklisted.
If you believe this comment is in error, please contact us in #appeals in Discord.
Thank you for reminding @hivewatchers, I've edited the article by adding a link from the original article