Hidden in Plain Sight: ErrorFather’s Deadly Deployment of Cerberus

NetmanageIT OpenCTI - opencti.netmanageit.com


SUMMARY:

This report examines a campaign called 'ErrorFather' that utilizes an undetected variant of the Cerberus Android Banking Trojan. The campaign employed a sophisticated multi-stage dropper technique to deploy the malicious payload, which incorporated features like keylogging, overlay attacks, VNC, and a Domain Generation Algorithm (DGA) for resilience. Despite being based on leaked Cerberus code from 2019, this variant successfully evaded detection, highlighting the persistent threats posed by retooled malware. The report provides a detailed technical analysis of the malware's functionality and the campaign's tactics.

OPENCTI LABELS:

malware, banking, android, dropper, overlay, cerberus

