Turkey targeted by Cerberus and Anubis Android banking Trojan campaigns
I recently set out to become more acquainted with Maltego, a useful program for open-source intelligence (OSINT) and forensics, developed by Paterva. I also noticed there is an ongoing campaign against Turkey using Android banking Trojans such as Anubis and Cerberus. Both are Malware-as-a-Service offerings that supply a builder and mobile remote access Trojan (MRAT) to steal credentials from Android users. Security researchers such as @MalwareHunterTeam, @ReBensk, @pr3wtd, and @mertcangokgoz, and others have all recently shared new samples of Cerberus and Anubis targeting users in Turkey with mobile data “gifts” that are offered from their mobile carriers due to COVID-19. Various websites are registered hosting links to fake apps, which were downloaded from the threat actor’s GitLab or BitBucket repositories. These apps are Android packages (.APK) that can be distributed via SMS, instant messaging app, on Twitter, via email, and other social engineering techniques. With the ...