26 C
New Delhi
Wednesday, December 2, 2020

The ‘BlackRock’ a new Android malware can steal passwords and card data from 337 apps including Uber, Gmail

The new malware are susceptible to being attacked by trojan including Gmail, Instagram, Uber etc.

Android malware
‘BlackRock’ Android malware

A new Android malware has emerged that can steal data from at least 337 Android apps called ‘BlackRock’. This malware was first tracked in May this year and discovered by a mobile security company called ThreatFabric. The company researchers said that BlackRock is based on the leaked source code of malware strain called Xerxes (Xerxes itself an other malware strain). BlackRock has been upgraded up with additional features, especially that help steal credit card information.

About: ‘BlackRock’ Android malware

BlackRock works like most other Android based banking apps except that it can target more 337 apps. It can steal both login credentials and also prompt victim to enter credit card details it apps support online transactions. ThreatFabric says that BlackRock malware collect data on the bases of overlays that involves detecting when the users is trying to interact with an infected app, the malware shows the fake window to collect users login details and card data before allowing the user to actually start using the main app.

Also Read: Google removed 11 apps due to joker malware attack

The security agency shared a report where the researchers have said that a large majority of BlackRock are mainly concentrated towards financial apps, social media apps and communications apps. However, BlackRock also overlays for dating apps, productivity apps and lifestyles apps as well. In this apps include the likes of Gmail, Instagram, Uber, Twitter etc. The BlackRock uses the Accessibility feature that grant itself access to other Android permissions and uses an Android DPC to give itself admin to the device. Then malware uses this access to show the overlays.

BalckRock can perform various intrusive operations like: Overlaying Dynamic, Keylogging, SMS harvesting (forwarding and listing), Device info collection, SMS sending, Self Protection(Hiding app icon), Remote action, Notifications collections, AV detection and Grant permissions. BlackRock is currently been activated in the guise of fake Google update packages offered by third party sites.

Related Articles

Flipkart Black Friday Sale Brings Discounts on Smartphones

Flipkart Black Friday sale starts from 26th November to 30th November. In this sale, users can get the best discounts on the...

Redmi Note 9 5G or Note 9 Pro 5G launch today

The new upgraded version of Redmi Note 9 5G or Note 9 pro 5g is launching today. The company has scheduled an...

WhatsApp OTP scam: How to protect your account

Scamsters have always found new ways to take over people's accounts, and OTP is the most fool-proof way of scamming. So, here...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Flipkart Black Friday Sale Brings Discounts on Smartphones

Flipkart Black Friday sale starts from 26th November to 30th November. In this sale, users can get the best discounts on the...

Redmi Note 9 5G or Note 9 Pro 5G launch today

The new upgraded version of Redmi Note 9 5G or Note 9 pro 5g is launching today. The company has scheduled an...

WhatsApp OTP scam: How to protect your account

Scamsters have always found new ways to take over people's accounts, and OTP is the most fool-proof way of scamming. So, here...

Intel NUC M15 laptop launched with 11th-Gen processors

Intel launched its next unit of computing the mini-laptops called M15 with the 11th-Gen processor. The company-new mini-laptops series...

Pokemon Go ‘Go Beyond’ update November release

Pokémon Go new update will be adding a new season, faster leveling up of players, and new Pokémon of Kalos region.