You can load this machine by clicking on the "My machines" button
Cerberus F911 (often referred to simply as "Cerberus" or by its package names "f911") is a strain of Android banking trojan first identified in mid-2019. It was initially marketed as a Malware-as-a-Service (MaaS) on underground Russian-speaking forums. The "F911" designation likely refers to a specific variant or builder version—a digital signature left by its developers to distinguish this aggressive fork from earlier, less potent versions.
Using advanced sampling chambers, it can distinguish between actual smoke and common industrial pollutants. Addressable Communication:
Due to its rugged design and intrinsic safety, the Cerberus F911 is most commonly found in:
For apps that do not trigger an overlay (or as a backup), the malware activates a keylogger. Every keystroke—usernames, passwords, search queries, private messages—is recorded and exfiltrated.
Removing F911 is difficult because it uses Device Admin rights to prevent uninstallation.
This action cannot be undone.
This action cannot be undone.
You can load this machine by clicking on the "My machines" button
As a teacher I wanted to give assignments to my students, but (IMHO) the available simulators were not intuitive enough. We worked out the first version of this simulator with José Antonio Matte, an engineering student at PUC Chile. The simulator was functional but a bit unstable, so I created this second version. Please let me know if the simulator is being used in new institutions. If you find any bugs or have comments feel free to contact me.
Cerberus F911 (often referred to simply as "Cerberus" or by its package names "f911") is a strain of Android banking trojan first identified in mid-2019. It was initially marketed as a Malware-as-a-Service (MaaS) on underground Russian-speaking forums. The "F911" designation likely refers to a specific variant or builder version—a digital signature left by its developers to distinguish this aggressive fork from earlier, less potent versions.
Using advanced sampling chambers, it can distinguish between actual smoke and common industrial pollutants. Addressable Communication: cerberus f911
Due to its rugged design and intrinsic safety, the Cerberus F911 is most commonly found in: Cerberus F911 (often referred to simply as "Cerberus"
For apps that do not trigger an overlay (or as a backup), the malware activates a keylogger. Every keystroke—usernames, passwords, search queries, private messages—is recorded and exfiltrated. Using advanced sampling chambers, it can distinguish between
Removing F911 is difficult because it uses Device Admin rights to prevent uninstallation.