A new Android Malware BlackRock is discovered which steals your card data and passwords from the apps like Gmail, Google Play, Netflix and more. The security research team has found a list of targeted social, communication, and dating apps.

BlackRock Android Malware Discovered Which Can Steal Important Data

New BlackRock Android Malware Can Steal Card Data & Passwords From 337 Apps
New BlackRock Android Malware Can Steal Card Data & Passwords From 337 Apps

According to the reports, BlackRock Malware is capable of targeting 337 apps. This malware can steal your important credentials. As per the analyst team at the Netherlands, the Malware was spotted on Android in May. The security firm ThreatFabric was the first one to detect the malware.

The researchers say, the Malware uses the source code of another malware. BlackRock malware has additional features, and it gives the ability to steal passwords and card information.

One of the main difference of this malware is that it can target 337 apps. The target is significantly higher than any other malware, we know till now.

In a blog post, the team at ThreatFabric said,

“Those ‘new’ targets are mostly not related to financial institutions and are overlayed in order to steal credit card details.”

It is said that the malware is designed to attacks, send, spam and steal SMS messages and lock the victim. The malware can act as a keylogger, which can help the hacker to collect financial information.

The malware is capable of diverting the usage of antivirus software like Avast, AVG, BitDefender, Eset, Trend Micro, Kaspersky, or McAfee.

ThreatFabric says BlackRock can collect the information by damaging the accessibility Service of Android device. Then it overlays a fake screen on top of the original app. A generic card grabber view can help the attackers gain credit card details.

BlackRock malware asks the users to give access to the Accessibility Service feature. Before requesting permission, it shows Google Update. Once you provide them with access, it will hide the app icon from the app drawer, and then it starts the malware process in the background.

Once it gets access to Accessibility Service, it gives permissions to other apps itself. To control a compromised device, it can also use Android work profiles.

The list of targeted apps:

The researches said, in a blog post,

“In the case of BlackRock, the features are not very innovative but the target list has a large international coverage and it contains quite a lot of new targets which haven’t been seen being targeted before.”

The list of targeted apps by BlackRock malware are:

  • Amazon
  • Google Play Services
  • Gmail
  • Microsoft Outlook
  • Netflix,
  • Uber
  • Twitter 
  • Snapchat
  • Instagram
  • Facebook,
  • Whatsapp and others.

The researchers said,

“Although BlackRock poses a new Trojan with an exhaustive target list, looking at previous unsuccessful attempts of actors to revive LokiBot through new variants, we can’t yet predict how long BlackRock will be active on the threat landscape.”

Till now, Google has not provided any details on how it will handle the BlackRock malware.

LEAVE A REPLY

Please enter your comment!
Please enter your name here