It was revealed that Cerberus banking Trojan cloaked as a genuine currency app on Google Play.
Avast cybersecurity researched said Tuesday that the particular malicious app posed as a genuine currency converter app intended for Spanish users.
Altogether, the software, “Calculadora de Moneda,” — translated as Currency Calculator — has been downloaded more than 10,000 times.
The mobile devices, including smartphones and tablets, that we use are used for communication as well as for entertainment, work, and as doorways to our financial accounts.
Consequently, today mobile threat has turned out to be a prevalent threat. Tech giants such as Google and Apple have set up stern security measures for software hosted in their official, reliable app sources. Nevertheless, at times threats still manage to slip the net.
The malicious app sidestepped Google’s security fences by posing and acting as a genuine app for the first few weeks after being accepted into Google Play. It seems that as users started to download the app in March, the software, at the outset, did not cause any damage and essentially served as a genuine and handy utility.
Nevertheless, after imparting conviction in the rising user base, the app then prompted dormant code that became a dropper for the Cerberus Trojan.
Avast observed that the malware is classy enough to read your text messages as well as grasp two-factor authentication (2FA) details. These security measures are projected to further defend our online banking sessions, but Cerberus can avoid these controls.
“Although this was just a short period, it’s a tactic fraudsters frequently use to hide from protection and detection i.e. limiting the time window where the malicious activity can be discovered,” Avast says.