A new malicious campaign called ErrorFather is deploying Cerberus Android banking Trojan, identified by cybersecurity provider Cyble, using a multi-stage dropper to target specific victims with features like keylogging, overlay attacks, and VNC, while utilizing a Telegram bot and DGA for dynamic C2 server updates, highlighting the ongoing risks of retooled malware.
https://www.infosecurity-magazine.com/news/cerberus-android-banking-trojan/