InsideBitcoins.com

Major Exchanges App being Targeted by New Trojans

Major Exchanges App being Targeted by New Trojans

According to a cybersecurity firm based in Amsterdam, ThreatFabric, there is a new Trojan that now targets top crypto exchanges. The Trojan, known as “Cerberus,” steals 2-factor authentication codes created by Google’s Authentication apps for cryptocurrency exchanges, email accounts, and internet banking.

The security firm gathered that Coinbase is among the list of targets for Cerberus, which also includes social media apps and financial services around the world.

No advert on the dark web for Cerberus updated features

ThreatFabric noted that there is currently no advertisement on the darknet forums for the latest update of the Cerberus Trojan. According to the security firm, the updated features may still be in the test period and may be released to the dark web very soon.

Threatfabric also reported that the Cerberus Trojan was discovered in June last year, which superseded the Anubis Trojan and comes out as a key malware-as-a-Soviet product.

According to the report, the malware was recently updated last month, as the updated version enabled the ability to steal two-factor authentication (2FA) protocols. It also enabled swipe patterns and screen-lock PIN codes of devices.

Trojan gives actors full control over devices

After the Cerberus Trojan is installed, it could download the contents on a device and establish connections to provide complete remote access to the device. Once the actor has control over the device, they use RAT to run any app on the affected device, which includes cryptocurrency exchange apps.

According to ThreatFabric, “The feature enabling theft of device’s screen lock credentials is powered by a simple overlay that will require the victim to unlock the device.”

The security researchers also said the screen-lock credential theft was designed in a way that the actors can carry out fraudulent activities when the victim is not making use of the device. It shows how creative criminals have become to succeed in their hacking activities.

Banking Trojans now target cryptocurrency wallet apps

ThreatFabric also analyzed two other RATs, Gustaf and Hydra, which became popular after Anubis.

Hydra previously targeted blockchain wallets and Turkish banks, but it has since expanded its target range. On the other hand, Gustaff targets government websites, Bitcoin wallets, and Canadian and Australian banks.

With Cerberus now involved, ThreatFabric reported that the targets of these three Trojans have now expanded to 26 crypto custody providers and exchanges, including Bitpay, Wirex, Xapo, Binance, and Coinbase.

Among the 26 targets, 20 of them are wallet providers that provide support for top cryptocurrencies such as Bitcoin, Bitcoin Cash, and Ethereum, ThreatFabric reported.

Top brokers for buying and trading cryptocurrencies

  • Platform
  • Features
  • Rating
  • Visit Site
  • US-Friendly
  • Paypal accepted
  • 12+ cryptocurrencies
4.5/5

Visit Site
75% of retail investors lose money.
eToro Reviews

    eToro Reviews

    https://insidebitcoins.com/visit/etoro-newsCreate your account
    Hide eToro Reviews
    • Best broker for non-US countries
    • Trade crypto CFDs, forex and stocks
    • No withdrawal or deposit fees
    4.5/5

    Visit Site
    80.5% of retail investors lose money.
    Plus500 Reviews

      Plus500 Reviews

      https://insidebitcoins.com/visit/plus500-newsCreate your account
      Hide Plus500 Reviews
      Remember, all trading carries risk. Past performance is no guarantee of future results.
      Avatar

      A journalist, with experience in web journalism and marketing. Ali holds a master's degree in finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of cryptocurrency publications.