From time to time, we come across some or the other new malware that steals sensitive information from users. Now, a new malware called BlackRock has been discovered to affect as many as 377 popular smartphone apps across categories, thereby posing a high-risk rate for users.
What Is BlackRock Malware?
The cybersecurity firm ThreatFabric has discovered the new BlackRock malware. It can steal sensitive information such as passwords and credit card details from a slew of 377 apps. It is claimed to be a trojan and a variant of Xerxes developed by LokiBot. The difference is that BlackRock’s target list is much bigger. Unlike previous generation trojans that targets the banking apps, this one targets apps across categories such as social media, dating, music, videos and much more.
List Of Apps Affected By BlackRock Malware?
While BlackRock trojan does not have the same features as the previous-generation trojans, its target list makes it special. Though it is touted to affect a few hundreds of apps, it is not restricted only to these apps. Below is a list of some apps that are affected by BlackRock malware.
- Google Pay
- Amazon Shopping
- Facebook Messenger
- Facebook Lite
Besides the list of shopping, messaging, social media, banking and dating apps, the BlackRock malware also affects a slew of cryptocurrency wallets for data theft.
How Does BlackRock Malware Work?
BlackRock malware is quite similar to the other Android malware that we have seen. Once it is installed on a smartphone, it monitors the targeted app. As the user keys in the login or credit card information, the malware steals the information by sending the data to a server. BlackRock uses the device’s Accessibility feature and an Android Device Policy Controller to grant access to other permissions.
When BlackRock is launched, it will be hidden from the app drawer so that it is invisible. Once the accessibility service privileges are granted, it can grant additional permissions that it needs to function without any issues. And, it can receive commands from the command-and-control server and carry out the overlay attacks. This malware will spam the messages inbox, read all the text messages, forward SMSes received to the bank’s servers and send SMSes to others. It can read everything typed on the device, lock the phone’s screen and gather all the notifications received.
If users try to uninstall the app with an antivirus app, then it will be redirect to the homescreen to avoid being discovered and deleted. Apps such as TrendMicro, Avast, AVG, Eset, BitDefender, Kaspersky, etc. will not be allowed to install on the device.
Best Mobiles in India