Security researchers from ThreatFabric warn of a new Android malware strain can now steal one-time
The malware-as-a-service Cerberus has emerged in the threat landscape in August 2019
According to researchers at Threat Fabric who first analyzed the malicious code, Cerberus implements features similar to other Android RAT, it allows operators to full control over infected devices.
The malware implements banking Trojan capabilities such as the use of overlay attacks, the ability to intercept SMS messages and access to the contact list.
The author of this malware is very active on Twitter and mocks security firms claiming to have avoided the detection for at least two years.
Now the authors implemented the ability to steal 2FA code from the Google Authenticator app abusing the Accessibility Privileges.
“Abusing the Accessibility privileges, the Trojan can now also steal 2FA codes from
Until now, experts have yet to find advertisements for these features in underground forums, a circumstance that suggests that this variant of Cerberus is still in the test phase.