Cerberus (Android)

Cerberus is a trojan horse targeting Android mobile phone banking credentials.

History
It was initially spotted in June 2019. It was spotted targeting Spanish and Latin American targets in September 2019. Its attacks are capable of stealing Google Authenticator and SMS 2FA tokens, behavior that was spotted in February 2020. In April 2020, variants has been spotted posing as COVID-19-related apps.

Cerberus is capable of logging all keystrokes (including passwords) and stealing 2FA tokens from Google Authenticator and SMS messages. It also allows remote control over the device using TeamViewer. It is sold as Malware as a service on underground forums.