Cerberus ANDROID Bot


A never-before-seen Android banking trojan, dubbed Cerberus, the step-counter to activate the bot once it hits a preconfigured threshold.

Categories: ,
Bot features:
  • SMS sending
  • 2FA grabber
  • SMS interception
  • Hidden SMS interception
  • Device lock
  • Mute the sound
  • Keylogger (messengers, watts app, telegram secret, banks, etc., except for browsers!)
  • Executing USSD Commands
  • Call forwarding
  • Opening a fake bank page
  • Running any installed application
  • Push bank notification (Automatic push - determines which bank is installed)
  • Open url in browser
  • Get all installed applications
  • Get all their phonebook contacts
  • Get all saved SMS
  • Removing any application
  • Bot self-destruction
  • Authentication of rights and permissions
  • The bot may have several spare urls for connecting to the server
  • Injections (html + js + css, download to the device and start from disk, poor connection or lack of internet will not affect the operation of injections)
  • Grabber card
  • Grabber mail
  • Automatic inclusion of injections after the time specified in the admin panel
  • Automatic shutdown of Google Play Protect + shutdown after the time specified in the admin panel
  • Anti-emulator (Bot starts to work after the device is active)
  Bot Properties:
  • Modularity
  • The application size of the bot is from 125 to 180 KB (Crypt is about 1 MB)
  • Works on versions of Android 5 and higher
  • Hidden SMS interception works from version 5 and higher
  • Injections work on all current versions of Android 5 - 10+
  • Data between the server and the bot is encrypted using the RC4 + base64 algorithm with a random key
  • Blocking bot deletion
  • Blocking disabling admin rights
  • Disabling Accessibility Service Lock
  • May have multiple fallback domains
  The bot sends data to the server where it is also displayed in the administration panel
  • Unique identifier of the bot
  • Android version
  • Build Marking
  • Country + language that is set in the device settings
  • Last jerk
  • Screen Status (on / off)
  • Google Play Protect Status
  • Accessibility Service Status
  • Administrator Rights Status
  • Receive state of the main module
  • SMS stealth status
  • The presence of bank logs, cards and mail!
  • List of established banks
  • IP device
  • Device infection date
  • Device model
  • Operator
  • Battery Status
  • Holder Cell Number
  • Phone activity (Determine the availability of the emulator)
  • Bot time!
  Features of the admin panel
  • Live admin panel
  • General and individual tasks
  • Bot table filtering
  • Adding your injections using a convenient interface
  • Download HTML injections
  • Statistics: Online, Offline, Logs
  • Storing application lists and phone contacts in the database
  • Separate logs of banks, cards and mail
  • The panel is located on the TOR network on our servers
  • Bilder