The Central Bureau of Investigation (CBI) has recently issued a cyber alert to all Indian states, Union Territories, and central agencies regarding the potential threat of Cerberus, a malicious software that is exploiting the ongoing Covid-19 pandemic. The warning was based on information received from Interpol and has brought to light the risks of cyber attacks during these challenging times.
Cerberus: A Banking Trojan
Cerberus is classified as a banking Trojan. Its primary function is to steal sensitive financial information such as credit card numbers. Simply put, a Trojan is a type of harmful code or software designed to damage, disrupt, steal, or carry out malicious action on data or networks.
This particular Trojan also utilizes overlay attacks to deceive victims into divulging personal information, and even manages to capture two-factor authentication details.
Understanding Overlay Attacks
An overlay attack occurs when an attacker superimposes a window over an authentic application on a device. When the legitimate application is active, identical messages or data input forms open over it.
Unsuspecting victims who input their information, such as login credentials or bank card numbers, believe they are interacting with the original program, giving cyber attackers access to their private data.
The Role of Two-Factor Authentication in Cyber Security
Two-factor authentication is a dual-step security verification process where users must pass through two rounds of authentication to confirm their identity. Despite this additional layer of protection, the Cerberus Trojan proves advanced enough to bypass it.
How Banking Trojans Work
Banking Trojans are malicious programs designed to acquire confidential information about the customers and clients of online banking and payment systems. They create an avenue for cybercriminals to gain access to the sensitive financial information of unsuspecting victims.
Strategies of Cerberus Exploitation Amid Covid-19
Cerberus takes advantage of the global coronavirus pandemic, sending out phishing SMS messages to trick users into downloading a link infected with the malware.
It deploys its destructive application via these phishing schemes, luring users into installing it on their smartphones. The email or text message carrying the malicious link appears to be from a trusted source such as a bank.
When an unsuspecting victim enters details like login names and passwords on the fake website this link leads to, these login credentials are sent directly to the attacker, leading to a breach of cybersecurity.
In these perilous times, it is crucial for individuals and institutions to remain vigilant against cyber threats, constantly updating and strengthening their security measures to safeguard their sensitive data.