Hidden in Plain Sight: ErrorFather’s Deadly Deployment of Cerberus
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
This report examines a campaign called 'ErrorFather' that utilizes an undetected variant of the Cerberus Android Banking Trojan. The campaign employed a sophisticated multi-stage dropper technique to deploy the malicious payload, which incorporated features like keylogging, overlay attacks, VNC, and a Domain Generation Algorithm (DGA) for resilience. Despite being based on leaked Cerberus code from 2019, this variant successfully evaded detection, highlighting the persistent threats posed by retooled malware. The report provides a detailed technical analysis of the malware's functionality and the campaign's tactics.
OPENCTI LABELS:
malware, banking, android, dropper, overlay, cerberus