216.73.217.176

Hidden in Plain Sight: ErrorFather’s Deadly Deployment of Cerberus

· Published 15/10/2024 09:16 · Modified 15/10/2024 09:45

Export JSON

Essential information

Published
15/10/2024 09:16
Modified
15/10/2024 09:45
Tags
2024-10-15 android banking cerberus dropper malware overlay
Related entities
20 observables, 1 malware

Description

This report examines a campaign called 'ErrorFather' that utilizes an undetected variant of the Trojan. The campaign employed a sophisticated multi-stage technique to deploy the malicious payload, which incorporated features like keylogging, attacks, VNC, and a Domain Generation Algorithm (DGA) for resilience. Despite being based on leaked code from 2019, this variant successfully evaded detection, highlighting the persistent threats posed by retooled . The report provides a detailed technical analysis of the 's functionality and the campaign's tactics.

External references