27.6 C
New Delhi
Thursday, May 6, 2021

The ‘BlackRock’ a new Android malware can steal passwords and card data from 337 apps including Uber, Gmail

The new malware are susceptible to being attacked by trojan including Gmail, Instagram, Uber etc.

Android malware
‘BlackRock’ Android malware

A new Android malware has emerged that can steal data from at least 337 Android apps called ‘BlackRock’. This malware was first tracked in May this year and discovered by a mobile security company called ThreatFabric. The company researchers said that BlackRock is based on the leaked source code of malware strain called Xerxes (Xerxes itself an other malware strain). BlackRock has been upgraded up with additional features, especially that help steal credit card information.

About: ‘BlackRock’ Android malware

BlackRock works like most other Android based banking apps except that it can target more 337 apps. It can steal both login credentials and also prompt victim to enter credit card details it apps support online transactions. ThreatFabric says that BlackRock malware collect data on the bases of overlays that involves detecting when the users is trying to interact with an infected app, the malware shows the fake window to collect users login details and card data before allowing the user to actually start using the main app.

Also Read: Google removed 11 apps due to joker malware attack

The security agency shared a report where the researchers have said that a large majority of BlackRock are mainly concentrated towards financial apps, social media apps and communications apps. However, BlackRock also overlays for dating apps, productivity apps and lifestyles apps as well. In this apps include the likes of Gmail, Instagram, Uber, Twitter etc. The BlackRock uses the Accessibility feature that grant itself access to other Android permissions and uses an Android DPC to give itself admin to the device. Then malware uses this access to show the overlays.

BalckRock can perform various intrusive operations like: Overlaying Dynamic, Keylogging, SMS harvesting (forwarding and listing), Device info collection, SMS sending, Self Protection(Hiding app icon), Remote action, Notifications collections, AV detection and Grant permissions. BlackRock is currently been activated in the guise of fake Google update packages offered by third party sites.

Related Articles

Here are the top 5 powerful gaming smartphones of 2020

Today, we will show you the best gaming smartphones that come out this year featuring the best processor, good screens, and a...

Realme Watch S or S Pro with Buds Air Pro Master Edition set to launch in India today

Realme Watch S series and Buds Air Pro master edition are set to launch in India today. The Realme new watch series...

Xiaomi Mi 11 series with the latest Snapdragon 888 processor to launch very soon

The company is expected to launch its flagship smartphones Mi 11 and Mi 11 pro on December 28. The...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Here are the top 5 powerful gaming smartphones of 2020

Today, we will show you the best gaming smartphones that come out this year featuring the best processor, good screens, and a...

Realme Watch S or S Pro with Buds Air Pro Master Edition set to launch in India today

Realme Watch S series and Buds Air Pro master edition are set to launch in India today. The Realme new watch series...

Xiaomi Mi 11 series with the latest Snapdragon 888 processor to launch very soon

The company is expected to launch its flagship smartphones Mi 11 and Mi 11 pro on December 28. The...

India’s biggest Call Of Duty Mobile tournament is host by Loco with a prize pool of Rs.35 lakh

Call of Duty Mobile tournament consists of two tournaments first is open and second is Pro. The teams from across the nation...

Apple TV app is coming to the new Google Chromecast feature

This feature will be rolled out to Chromecast with Google TV early next year. Other OS and Android TV devices will get...