← All stories

GBHackers

Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control

Mayura Kathir · 1 day ago · Read original ↗

ATT&CK techniques detected

6 predictions

T1056.001Keylogging

62%

"a victim ’ s device. these include silent front ‑ and rear ‑ camera photos, video and audio recording, continuous gps streaming, screen recording, sms and call log access, outgoing sms and call initiation, device lock and wipe, alarm activation, arbitrary app launch, tasker autom…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1219Remote Access Tools

52%

"cerberus stalkerware hits google play, abuses accessibility and firebase for remote control cerberus anti - theft, a long - running android “ security ” app, is operating as full - featured stalkerware on google play, abusing accessibility services and google firebase to give abu…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1053.005Scheduled Task

43%

"a victim ’ s device. these include silent front ‑ and rear ‑ camera photos, video and audio recording, continuous gps streaming, screen recording, sms and call log access, outgoing sms and call initiation, device lock and wipe, alarm activation, arbitrary app launch, tasker autom…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1113Screen Capture

41%

"a victim ’ s device. these include silent front ‑ and rear ‑ camera photos, video and audio recording, continuous gps streaming, screen recording, sms and call log access, outgoing sms and call initiation, device lock and wipe, alarm activation, arbitrary app launch, tasker autom…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1053.005Scheduled Task

39%

"cerberus stalkerware hits google play, abuses accessibility and firebase for remote control cerberus anti - theft, a long - running android “ security ” app, is operating as full - featured stalkerware on google play, abusing accessibility services and google firebase to give abu…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1056.001Keylogging

35%

"cerberus stalkerware hits google play, abuses accessibility and firebase for remote control cerberus anti - theft, a long - running android “ security ” app, is operating as full - featured stalkerware on google play, abusing accessibility services and google firebase to give abu…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

Summary

Cerberus Anti-theft, a long-running Android “security” app, is operating as full-featured stalkerware on Google Play, abusing accessibility services and Google Firebase to give abusers near-total remote control over victims’ phones. Once installed, Cerberus lets an abuser push a custom lock‑screen notification to the victim’s device from a web dashboard at cerberusapp.com or a paired smartwatch. […]

The post Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.