• search
For Quick Alerts
Subscribe Now  
For Quick Alerts
For Daily Alerts

Banking trojan Cerberus, the new headache for cyber security officials


New Delhi, May 20: The Central Bureau of Investigation (CBI) has issued a nationwide alert on the banking trojan Cerberus. The CBI said that this tricks the smartphone users into downloading a malicious link relating to COVID-19.

Banking trojan Cerberus, the new headache for cyber security officials

The advisory was issued by the CBI, following an input from the Interpol. The trojan presents itself as an update related to COVID-19. The trojan primarily focuses on stealing financial data such as credit card numbers. It can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details, the agency also said.

India faced three times the cyber attack than the global average

The trojan takes advantage of the pandemic and sends a text message to lure a user into downloading the link with the malicious software. Once downloaded, the trojan application launches into phishing attacks to steal data such as credit card number and other details.

It may be recalled that the Ministry of Home Affairs had issued an advisory for those working from home. The MHA asked them to take precautions and not fall prey to cyber criminals. On Zoom and Google Hangout, the MHA had advised against sharing links inviting for a meeting publicly or through social media platforms.

MHA advisory on Zoom:

  • Prevent unauthorised entry in the conference room
  • Prevent an authorised participant to carry out malicious on
  • the terminals of other in the conference.
  • Avoid DOS attack by restricting users through passwords
  • and access grant.

Most of the settings can be done by login into users zoom account at the website, or installed application at PC/Laptop/Phone and also during conduct of conference. However, certain settings are possible through certain mode/channel only. For example, lock meeting can be enabled by administrator only when the meeting has started. This documents explains in details all the security configuration through website, App and through console during the conduct of conference.

Objective of security configurations:

  • Setting new user ID and password for each meeting
  • Enabling waiting Room, so that every user can enter only
  • when host conducting meeting admits him
  • Disabling join before host
  • Allowing Screen Sharing by host Only
  • Disabling "Allow removed participants to re-join"
  • Restricting/disabling file transfer option (if not required)
  • Locking meeting, once all attendees have joined
  • Restricting the recording feature
  • To end meeting (and not just leave, if you are administrator

Some tips:

Don't use your personal meeting Id (PMI) to host event, instead use randomly generated meeting IDs for each event.

Don't share your link on public platform, instead share randomly generated meeting id and password for every new meeting session/schedule. It makes it much secure and difficult to leak.

Maha cyber cell registers 395 cases for spreading rumours

If you are admin, remember to end meeting, do not just leave meeting.

Sign out of your account when not in use

For Daily Alerts
Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Oneindia sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Oneindia website. However, you can change your cookie settings at any time. Learn more