The Android Cerberus Trojan as one of the best examples of mobile malware is now for sale! Prospective hackers and criminal groups looking for a new weapon can now auction for the complete source code of the threat as the developers have placed it for sale on the underground markets. The prices start at $50K USD however most deals close at $100,00!
Cerberus Android Trojan For Sale, most Buyers Get It For $100K!
Computer criminals can get notorious a new mobile hacking weapon if they enter the top new auction available on the underground markets. The well-known Android Cerberus Trojan has been put on auction by its developers and the starting price for it is $50,000 USD. Upon discovery it has become known that the majority of deals actually close at $100,000 USD which is double than the starting price.
The Android Cerberus Android Trojan is one of the popular tools used by different hacking groups in carrying out large-scale infections to mobile devices. The auction includes all major components of the malware including the malware APK, the administrative panel and the remote control server. All of this comes with all required installation and use guides, setup scripts and contacts to customers to buyers.
Cerberus is a malware-as-a-service example which became well-known last year in August when it was detected in a live campaign. The analysis then didn’t show any source code snippets from other famous threats. At that time this looked like a very formidable threat which was used to take over control of many devices. This Android Trojan includes all similar features and functionality which are expected of malware of this category — the main goal of the threat is to take over control of the devices by inducing a remote connection.
The Cerberus Android Trojan is of the banking Trojan subtype which means that its main goal will be to hijack credentials to financial services such as mobile payment solutions and banks. This is done by using any of the following advanced methods of data theft:
- Surveillance — The malware can be used to spy on the device owners by taking screenshots of their phones(tablets), recording audio, key input and all contained within data: SMS, messages, applications data and contacts.
- Device Tracking and System Access — The Cerberus Android Trojan can also access the locations data and edit out settings that are used by the installed applications and the system. The Trojan can disable security features, download additional data or remove software.
- Notifications and Access Manipulations — In order to scam the users into interacting with malware-controlled overlays and apps the criminals can create new push notifications or lock the screen of the users.
The developers of the Android Cerberus banking Trojan are active on Twitter and constantly release new functionality as the malware is updated. In one of the major additions to the main engine the Trojan has been upgraded with the ability to steal the two-factor authentication code from the Google Authenticator application which is done by using the well-known Accessibility Privileges abuse method.
At this moment it is believed that the Cerberus Trojan intrusions generate a revenue of about $10,000 per month. The reason for the sale of the source code is specified to be that the developers have split and can no longer support the customers.
Martin Beltov
Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
Follow Me: