Cerberus, a well-known mobile banking Trojan, appeared in June 2019 and remained active until July 2020. Its features included overlay attacks, SMS control, disabling Google Play Protect, collecting device information and contact list harvesting, and it had a successful run with a huge victim base. More details about the Trojan can be found here. However, the Cerberus source code was put up for auction when its development team parted ways. In August 2020, following a failed auction, the Cerberus source code was released for free on an underground forum.
The Rise of Alien
Alien, the infamous and parasitic child of Cerberus, made quite a few headlines for its nefarious activities. Based on our in-depth analysis of this Trojan, we have evidence to prove that the Alien malware is a fork of Cerberus that has been active since early January 2020.
In this blog, we explain the similarities and differences between Cerberus and Alien.
Similarities
2FA Stealer from Google Authenticator
The 2FA-stealing code was added in Cerberus V2 and released in May 2020. The Cerberus 2FA code is almost identical to that of the new Alien malware, as shown in Figures 2 and 3.
Figure 2 shows the Cerberus 2FA code.
Figure 3 shows the Alien 2FA code.
String Decryption
To evade detection, all the strings within the classes are stored base64 encoded. Each decoded value is an RC4-encrypted string with a decryption key specific to that string. Interestingly, each encrypted string has its unique RC4 decryption key prepended as the first 6 bytes of the encrypted string.
Figure 4 and Figure 5 show the decoding and decryption routine used by the malware.
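For analysts who want to recover these strings statically, the layout described above can be reversed with a short script. This is an added example, not code from the original post or from the malware; it assumes the key is the first 6 raw bytes of the base64-decoded blob and that the plaintext is UTF-8, and `decrypt_string` and `make_sample` are hypothetical helper names.

```python
import base64

KEY_LEN = 6  # per the write-up: the RC4 key is the first 6 bytes of the decoded blob


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def decrypt_string(encoded: str) -> str:
    """Base64-decode, split off the per-string key, RC4-decrypt the remainder."""
    try:
        blob = base64.b64decode(encoded, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError(f"not valid base64: {encoded!r}") from exc
    if len(blob) <= KEY_LEN:
        raise ValueError("blob too short to hold a key and ciphertext")
    key, ciphertext = blob[:KEY_LEN], blob[KEY_LEN:]
    return rc4(key, ciphertext).decode("utf-8", errors="replace")


def make_sample(key: bytes, plaintext: str) -> str:
    """Build a constructed test string in the same layout: key || RC4(plaintext)."""
    if len(key) != KEY_LEN:
        raise ValueError("key must be exactly KEY_LEN bytes")
    return base64.b64encode(key + rc4(key, plaintext.encode())).decode()


if __name__ == "__main__":
    # Constructed sample, not taken from a real APK.
    sample = make_sample(b"k3y012", "android.permission.READ_SMS")
    print(sample, "->", decrypt_string(sample))
```

If a sample's decoded blob turns out to be hex text rather than raw bytes, hex-decode the key and ciphertext before calling `rc4`.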
Differences
Accessibility Service
Once installed on the device, Cerberus and Alien repeatedly bring up the Accessibility Service settings screen, as shown in Figure 6, until the user enables the Accessibility Service for the app. This lets the malware stay stealthy by hiding its icon from the application drawer after its first launch.
With accessibility service enabled, this malware application runs a background service to monitor user activities without the user’s knowledge. This background service monitors if the user launches any one of the targeted applications. If any of the targeted applications is launched, this Banking Trojan opens a fake overlay screen, a phishing login page of that targeted application, where it asks the user to enter their confidential information.
C2 Communication
We can easily distinguish the two malware families by their C2 communications, as shown in Figure 7 and Figure 8. While the Alien malware has the POST data value “q=info_device&ws=[Encrypted data]”, Cerberus has the POST data value “action=botcheck&ws=[Encrypted data]”.
Figure 7 shows the POST request in the Alien C2 Communication.
Figure 8 shows the POST request in the Cerberus C2 Communication.
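The two request shapes above can be turned into a simple triage rule for proxy or gateway logs. This is an added example, not part of the original post; the log line format, the `192.0.2.x` addresses and the `host-*.example` URLs are constructed, and `classify_post_body` and `scan` are hypothetical names.

```python
from urllib.parse import parse_qsl

# Request-body markers described in the write-up: (parameter, value) -> family.
MARKERS = {
    ("q", "info_device"): "Alien",
    ("action", "botcheck"): "Cerberus",
}


def classify_post_body(body: str):
    """Return the family name if the body matches a known check-in shape, else None."""
    fields = dict(parse_qsl(body, keep_blank_values=True))
    # Both families carry the encrypted payload in a non-empty "ws" parameter.
    if not fields.get("ws"):
        return None
    for (name, value), family in MARKERS.items():
        if fields.get(name) == value:
            return family
    return None


def scan(log_lines):
    """Each line: '<client_ip> <method> <url> <body>' (a constructed log format)."""
    hits = []
    for line in log_lines:
        parts = line.split(" ", 3)
        if len(parts) != 4 or parts[1] != "POST":
            continue
        family = classify_post_body(parts[3])
        if family:
            hits.append((parts[0], parts[2], family))
    return hits


# Constructed sample log lines; the "ws" values are placeholders, not real payloads.
SAMPLE_LOG = [
    "192.0.2.10 POST http://host-a.example/ q=info_device&ws=QUJDRA==",
    "192.0.2.11 POST http://host-b.example/ action=botcheck&ws=RUZHSA==",
    "192.0.2.12 POST http://host-c.example/ q=weather&ws=abc",
    "192.0.2.13 GET http://host-d.example/ -",
    "192.0.2.14 POST http://host-e.example/ q=info_device&ws=",
]

if __name__ == "__main__":
    for client, url, family in scan(SAMPLE_LOG):
        print(f"{client} -> {url}: possible {family} check-in")
```

Parameter names are easy for a fork to change, so a match is a lead for further analysis of the device, and a miss proves nothing.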
Shared Preference
In Android, Shared Preferences allows an application to store and retrieve its data in shared preference files, which are located at /data/data/[PackageName]/shared_prefs/[FileName].xml
Figure 9 and Figure 10 show the values in the shared preference file. Here, the Alien malware writes the malware's backup C2 domains with the “SB” value after installation, as shown in Figure 9.
Figure 10 shows the Cerberus shared preference value.
Conclusion
We foresee that, after the release of the Cerberus malware source code in underground forums, more new malware families utilising the Cerberus source code might emerge very soon, as we have seen in the case of the Mirai botnet. At K7, we protect all our customers from such threats. Do ensure you protect your mobile devices with a reputable security product like K7 Mobile Security and regularly scan your devices with it. Also keep your security product and devices updated and patched for the latest vulnerabilities.
Indicators of Compromise (IoCs)
| Package Name | Hash | K7 Detection Name | Malware Family |
|---|---|---|---|
| com.neurvpta.voryia | AF5E252EF3F7F98A30C09462C643051F | Trojan ( 0055a1341 ) | Cerberus |
| glance.mind.cry | C4E600762B299F99959EFFF47BC2EAD6 | Trojan ( 005633ff1 ) | Alien |
| magic.return.panther | 5cc93acf42d531ad187e69ef474ad2da | Trojan ( 005633ff1 ) | Alien |