India: CBI Issues Alert to States, UTs on Banking Phishing Software

May 20, 2020

CBI Issues Alert to States, UTs on Banking Phishing Software on Basis of Interpol Input: Officials

CBI Issues Alert to States, UTs on Banking Phishing Software on Basis of Interpol Input: Officials

The CBI has alerted police forces and central security agencies on an Interpol input about a malicious software, Cerberus, that infects phones to steal financial data by luring the user through SMSes, camouflaged as COVID-19 information, to download links containing the virus, officials said Tuesday.

A banking Trojan known as Cerberus is used by cybercriminals internationally and it is taking advantage of the novel coronavirus pandemic to impersonate and send SMSes under the cover of COVID-19-related content, asking innocuous users to download an embedded malicious link, they said.

Once downloaded the link, infects the phone deploying its malicious application that is used by phishing gangs to steal bank-related financial information of the user from the phone, they said.

After getting the global input, the agency, which is mandated to coordinate with the International Police Organisation Interpol as the National Central Bureau for India, alerted police forces of all states and union territories, besides central security agencies, the officials said.

In its message to Interpol Liaison Officers (ILOs) of all states and UTs, the CBI said that the banking trojan primarily focuses on stealing financial data such as credit card numbers, they said.

The ILOs are officers deputed in every state police organisation to liaison with the CBI over matters related to Interpol. Also, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details, they said.

In an unconnected statement on May 6, Craig Jones, Director of Cybercrime, Interpol, had said police and the cybersecurity industry had seen a considerable increase in the number of targeted cyberattacks by criminals since the virus' outbreak began.

These range from malicious web domains using the word 'COVID' to phishing emails promising the sale of crucial supplies as well as ransomware attacks against critical infrastructure and hospitals, he had said.

"Cybercriminals are diversifying attack vectors to launch cyberattacks exploiting the COVID-19 outbreak. These cyberthreats are causing serious harm to people and organisations, which exacerbate an already dire situation in the physical world. Now is the time when we all must come together to stop them," he had said.

Earlier, the Interpol had alerted about cybercriminals using ransomware to target hospitals and fake testing kits being in circulation for COVID-19 and international narco-traffickers using medical kits to smuggle drugs.

Read the original article and additional information at Cyware Social