Banking trojan Cerberus, the new headache for cyber security officials

India

oi-Vicky Nanjappa

New Delhi, May 20: The Central Bureau of Investigation has issued a nationwide alert on the banking trojan Cerberus. The CBI said that this tricks the smartphone users into downloading a malicious link relating to COVID-19.

The advisory was issued by the CBI, following an input from the Interpol. The trojan presents itself as an update related to COVID-19. The trojan primarily focuses on stealing financial data such as credit card numbers. It can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details, the agency also said.

India faced three times the cyber attack than the global average

The trojan takes advantage of the pandemic and sends a text message to lure a user into downloading the link with the malicious software. Once downloaded, the trojan application launches into phishing attacks to steal data such as credit card number and other details.

It may be recalled that the Ministry of Home Affairs had issued an advisory for those working from home. The MHA asked them to take precautions and not fall prey to cyber criminals. On Zoom and Google Hangout, the MHA had advised against sharing links inviting for a meeting publicly or through social media platforms.

MHA advisory on Zoom:

Prevent unauthorised entry in the conference room

Prevent an authorised participant to carry out malicious on

the terminals of other in the conference.

Avoid DOS attack by restricting users through passwords

and access grant.

Most of the settings can be done by login into users zoom account at website, or installed application at PC/Laptop/Phone and also during conduct of conference. However certain settings are possible through certain mode/channel only. For example, lock meeting can be enabled by administrator only when the meeting has started. This documents explains in details all the security configuration through website, App and through console during the conduct of conference.

Objective of security configurations:

Setting new user ID and password for each meeting

Enabling waiting Room, so that every user can enter only

when host conducting meeting admits him

Disabling join before host

Allowing Screen Sharing by host Only

Disabling "Allow removed participants to re-join"

Restricting/disabling file transfer option (if not required)

Locking meeting, once all attendees have joined

Restricting the recording feature

To end meeting (and not just leave, if you are administrator

Some tips:

Don't use your personal meeting Id (PMI) to host event, instead use randomly generated meeting IDs for each event.

Don't share your link on public platform, instead share randomly generated meeting id and password for every new meeting session/schedule. It makes it much secure and difficult to leak.

Maha cyber cell registers 395 cases for spreading rumours

If you are admin, remember to end meeting, dont just leave meeting.

Sign out of your account when not in use