Cerberus Trojan Targeting Crypto Exchanges Discovered By ThreatFabric
The digital revolution brought with it many benefits to the human race. However, every technology also comes with many side effects. Where computers and the internet are concerned, the convenience they bring also comes with security issues. The digital era created hackers who can steal not only your information but your wealth as well.
With cryptocurrencies on the rise in popularity, hackers are more active than ever to steal your precious coins. This has been going on ever since the beginning. Hackers and scammers keep finding new and creative ways to do their dirty work. In recent times, a cybersecurity firm called ThreatFabric has uncovered a serious risk to security. It is important to understand how the threat works and what you can do to safeguard yourself.
What is a Trojan
A trojan is a well-known malware in the computing world. A trojan is basically a computer malware that is meant to deceive or mislead a user. It is used to steal private information, compromise a computer system or even steal funds. There are many dangerous trojans out there and security firms discover and track them.
The Cerberus Trojan
An Amsterdam-based cybersecurity firm, called ThreatFabric, has discovered a really dangerous trojan. The firm specializes in malware that attack the financial industry. This particular malware is called Cerberus and it can wreak havoc to your digital security system. Cerberus is alarming because it can steal two-factor authentication (2FA) codes generated by the Google Authenticator app. 2FA codes are used for internet banking, email accounts, and even cryptocurrency exchange.
If these codes are compromised, your entire digital security can be at risk. The result can be catastrophic, including the loss of a lot of funds. What is more alarming is that the trojan has a huge list of targets.
- traditional financial institutions
- cryptocurrency exchange,
- crypto wallets
Some of the most popular names in the financial industry are on the list of targets. That is what makes this even scarier. Further, 2FA has served as a really great method for protecting yourself. There was a time when you could just use your user ID and password. However, hackers found a way to attack this setup. As a result, the 2FA system came into existence. Even today, it is serving as a full-proof method to protect your online accounts. In fact, it is recommended as the go-to way by every company and cybersecurity expert.
Going forward though, the Cerberus trojan has raised some serious questions. Especially because of its recent update. If it wasn’t bad enough already, it has become even more of a threat.
An Updated Threat
Cerberus was first identified last year in June. ThreatFabric states that it was identified as a Remote Access Threat (RAT). This means that hackers can get remote access to your system using this malware. Also, anyone could use Cerberus as it was more like a malware-as-a-service. A scammer or hacker could probably get access to it from the dark web.
However, in January of this year, Cerberus got an update. After the update, it has become an even bigger threat. That’s because after the update it got the capability to steal 2FA codes from Google Authenticator. Not only that, but it also got the ability to steal device screen-lock PIN codes and swipe patterns. Basically your whole system can be compromised if infected by this malware.
Also, by whatever means, if the malware gets installed on your device, it can do more damage. It can download your device’s entire contents and give the hacker full remote access. This allows the hacker to run any app (including banking and cryptocurrency exchange apps). As you can see, this is not something you would want to happen to you.
One point of relief is that cybersecurity experts haven’t seen any advertisements for the updated version on the dark web. That means this update could still be in the testing phase. If that is so, experts can quickly try to counter its threats. Once it is released, it can create some really big headache for financial institutions. Therefore, it is vital than ever to gain awareness about this threat.
From ThreatFabric’s report, it can be understood that Android devices are at risk here. So, if you have an Android device, you should do the needful to safeguard yourself. The best practice is to make sure you haven’t installed any unauthorized apps. Make sure you also don’t download files from unknown sources or click on random links.
How Can You Be Safe?
Even though other systems like iOS may be safer, there are some steps you can take to be safe. One of the golden rules for cryptocurrencies is that you need to store them offline. If you store them on online exchanges, you risk losing them. That’s because malware such as Cerberus can get access to your accounts. The same is applicable for software wallets. Once the malware is on your phone, it can literally do anything. The worst part is that nobody will be able to tell that it wasn’t you but the virus. This makes tracing and law enforcement really hard.
That is why, as far as cryptocurrencies are concerned, store them in hardware wallets. They are the absolute safest methods. They are not like your typical smart devices as they only store crypto keys. No other piece of software can be installed on them. They also run on their own proprietary operating software. All of this makes it really hard (almost impossible) for a hacker to get access.
Different hardware wallets have been tested by hackers and they really proved themselves to be safe. Modern-day hardware wallets are very easy to use and you can even access them via Bluetooth on your phone. Make sure that you make security, your number one priority.