
What is BlackRock Android malware

Serious Android malware or virus

ThreatFabric, a security firm, has warned about a new Android malware called BlackRock. It can steal data such as passwords and credit card information from more than 377 apps, including Amazon, Facebook, Gmail and Tinder.

What is BlackRock Malware:

This malware is built from the leaked source code of the Xerxes malware and is derived from LokiBot. It is drawing more attention than usual because it targets not only banking apps but also many other personal apps.

How does this work?
  • When this malware is installed, its icon is hidden from the home screen and app drawer. When a user enters data in a banking app, the malware sends that data to its server.
  • BlackRock uses the phone’s Accessibility feature, and then uses an Android DPC (device policy controller) to get access to other permissions.
  • Once it has Accessibility Service privileges, it grants itself the permissions it requires to function fully, without waiting to interact with the server.
  • At this point, it is ready to receive commands from the command-and-control server and execute overlay attacks.
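
A defender-side check for the hidden-icon plus Accessibility pattern described above, as an added example (not from ThreatFabric or the original article): it lists user-installed apps that hold an enabled accessibility service and flags those with no launcher icon. The function names, the sample package names and the caller-supplied set of launcher packages are assumptions.

```python
# Added triage example; not code from ThreatFabric or the article.
# Inputs are text captured from a device with:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -3
# The set of packages that have a launcher icon is supplied by the caller
# (assumption: collected separately by the analyst).

def parse_accessibility(raw):
    """Return {package: [service components]} from the colon-separated setting."""
    services = {}
    for comp in raw.strip().split(":"):
        comp = comp.strip()
        if not comp or comp == "null" or "/" not in comp:
            continue  # empty setting or malformed entry
        pkg = comp.split("/", 1)[0]
        services.setdefault(pkg, []).append(comp)
    return services

def parse_third_party(raw):
    """Return the set of package names from `pm list packages -3` output."""
    return {line.split(":", 1)[1].strip()
            for line in raw.splitlines() if line.startswith("package:")}

def triage(a11y_raw, third_party_raw, launcher_pkgs):
    """Flag user-installed apps that hold an enabled accessibility service.

    'high'   = service enabled and no launcher icon (the hidden-icon pattern)
    'review' = service enabled, icon present (may be a legitimate helper app)
    """
    third_party = parse_third_party(third_party_raw)
    findings = []
    for pkg, comps in sorted(parse_accessibility(a11y_raw).items()):
        if pkg not in third_party:
            continue  # preinstalled/system service, out of scope here
        level = "review" if pkg in launcher_pkgs else "high"
        findings.append((level, pkg, comps))
    return findings

# Constructed sample data; the com.example.* package names are made up.
SAMPLE_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
               "com.example.updater/com.example.updater.SyncService:"
               "com.example.passwordmgr/.AutofillA11yService")
SAMPLE_PKGS = ("package:com.example.updater\n"
               "package:com.example.passwordmgr\npackage:com.example.game\n")
SAMPLE_LAUNCHER = {"com.example.passwordmgr", "com.example.game"}

if __name__ == "__main__":
    for level, pkg, comps in triage(SAMPLE_A11Y, SAMPLE_PKGS, SAMPLE_LAUNCHER):
        print(f"[{level}] {pkg}: {', '.join(comps)}")
```

A 'high' result is a prompt to inspect the app, not proof of infection.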
Main affected apps:
  • It can steal credentials such as usernames and passwords from 226 apps, including PayPal, Amazon, eBay, Gmail, Google Pay, Uber, Yahoo Mail and Netflix, among others. In addition, the malware steals credit-card numbers from an additional 111 apps, including Facebook Messenger, Google Hangouts, Instagram, PlayStation, Reddit, Skype, TikTok, Twitter, WhatsApp and YouTube.

  • ThreatFabric says the malware can be used to send and steal SMS messages, hide notifications, log keystrokes, detect antivirus apps, and much more.

Can antivirus prevent it?

The trojan redirects the user to the home screen (the app closes and the home screen is shown) if the user tries to use an antivirus app from a specific list, including Avast, AVG, Bitdefender, ESET, Symantec, Trend Micro, Kaspersky, McAfee and Avira, and even applications used to clean Android devices, such as TotalCommander, SD Maid or Superb Cleaner.

How to protect yourself?
  • Try to download apps only from the Play Store, and beware of apps that have low ratings.
  • Ensure you have set strong passwords for all your applications.
  • Beware of spam emails and messages.

source: IndianExpress