Security News > 2020 > May > Upgraded Cerberus Spyware Spreads Rapidly via MDM

Unusually, the sample propagated through the employee pool via the infected company's mobile device management server.

Perhaps most damagingly, cyberattackers can gain complete remote control of the device by running the TeamViewer remote access application.

"These capabilities include logging all keystrokes on the device, stealing Google Authenticator data and any SMS received, and commanding the device remotely via TeamViewer."

Apk module is also responsible for cleanup, and can remove itself both from the device's administrators list, and from the device itself.

Two malicious applications harboring the same Cerberus sample were found to be installed on a large number of the customer's devices.

News URL

https://threatpost.com/cerberus-trojan-major-spyware-targeted-attack/155415/