CBI warns against banking trojan 'Cerberus'

The Central Bureau of Investigation (CBI) on Tuesday issued a nationwide alert on banking trojan 'Cerberus' that tricks smartphone users into downloading malicious links related to COVID-19 following input from the Interpol.

The agency has alerted police forces of states and union territories as well as central agencies about the trojan that presents itself as an update related to the coronavirus pandemic.

"This trojan primarily focuses on stealing financial data such as credit card numbers. In addition, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details," the CBI said.

According to the agency, the trojan takes advantage of the pandemic and sends a text message to lure a user into downloading the link with malicious software. Once downloaded, the trojan application launches into phishing attacks, to steal data like credit card numbers and other details.

Trojan, is a type of malicious code or software that looks genuine but with the capability of taking control of one's computer. A Trojan is designed to damage, disrupt, steal, or inflict harmful action on data or network.

The audacity and speed of cybercriminals in attempting to cash in on the pandemic was also seen soon after Prime Minister Narendra Modi announced setting up of PM-CARES to collect funds for COVID-19 and a UPI for payment. Soon after, several fake UPI that is similar to the official ones flooded the cyber space, prompting banks and other official channels to issue warnings.

Several fraudulent websites and e-commerce platforms have mushroomed on the internet promising to sell medicines that could either prevent or cure COVID-19 while some others are being fooled to transfer money in the name of treating patients.

Investigators have come across trends like cyber criminals sending email links to susceptible people who unwittingly share their password and other details to them. One of the main methods used by the bad actors is creating fraudulent websites, e-commerce platforms, social media accounts and emails claiming that they are delivering medical products at home and ask them to pay via bank transfer.

Earlier, the Ministry of Home Affairs had issued an advisory for those working from home (WFH), asking them to take precautions to ensure that they do not fall victim to cyber criminals.

With several offices now resorting to meetings in the virtual world using video Apps and services like Zoom and Google Hangout, the advise is not to share links inviting for meeting publicly or through social media platforms.

With people increasingly using computers and laptops while working from home, another advise is that no one should use the same device for work and leisure activities. Always try to use computers and laptops provided by the company for official use instead of personal devices, it had said.

Using open or free Wi-Fi network is dangerous, the advisory warned as it recommended changing the default password of home Wi-Fi and admin passwords. Besides advising to change default passwords of all devices and online accounts, updating operating systems and anti-virus applications regularly.