Technology News
  • Home
  • Apps
  • Apps News
  • New Android Malware Discovered That Can Steal Your Credentials, Credit Card Details

New Android Malware Discovered That Can Steal Your Credentials, Credit Card Details

BlackRock was first spotted in the Android malware world in May, according to the analyst team at ThreatFabric.

By Jagmeet Singh | Updated: 17 July 2020 18:48 IST
New Android Malware Discovered That Can Steal Your Credentials, Credit Card Details

Photo Credit: ThreatFabric

BlackRock targets a total of 337 apps, of which several are non-financial ones

Highlights
  • BlackRock targets apps such as Gmail, Netflix, and WhatsApp
  • The malware overlays a screen to steal user details silently
  • BlackRock initially pretends as a Google Update on Android devices
Advertisement

A new Android malware has been discovered by a team of security researchers that is found to target a list of social, communication, and dating apps. The malware, called BlackRock, is a banking Trojan — derived from the code of the existing Xerxes malware that is a known strain of the LokiBot Android trojan. However, despite being a banking Trojan, the malicious code is said to target non-financial apps. It pretends to be a Google Update at first, though after receiving user permissions, it hides its icon from the app drawer and starts the action for bad actors.

BlackRock was first spotted in the Android world in May, according to the analyst team at the Netherlands-based threat intelligence firm ThreatFabric. It is capable of stealing user credentials as well as credit card details.

Although the capabilities of the BlackRock malware are similar to those of average Android banking Trojans, it targets a total of 337 apps, which is significantly higher than any of the already known malicious code.

“Those ‘new' targets are mostly not related to financial institutions and are overlayed in order to steal credit card details,” the team at ThreatFabric said in a blog post.

The malware is said to have the design to overlay attacks, send, spam, and steal SMS messages as well as lock the victim in the launcher activity. It can also act as a keylogger, which essentially could help a hacker to acquire financial information. Furthermore, the researchers have found that the malware is capable of deflecting usage of an antivirus software such as Avast, AVG, BitDefender, Eset, Trend Micro, Kaspersky, or McAfee.

How does the malware steal user information?
According to ThreatFabric, BlackRock collects user information by abusing the Accessibility Service of Android and overlaying a fake screen on top of a genuine app. One of the overlay screens used for malicious activities is a generic card grabber view that could help attackers gain credit card details of the victim. The malware can also bring a specific per-targeted app for credential phishing.

blackrock overlay screens threatfabric BlackRock Android malware

BlackRock acquires user data by using an overlay technique
Photo Credit: ThreatFabric

 

BlackRock asks users to grant access to the Accessibility Service feature after surfacing as a Google Update. Once granted, it hides its app icon from the app drawer and starts the malicious process in the background. It can also grant other permissions itself after getting the Accessibility Service access and can even use Android work profiles to control a compromised device.

Extensive target app list
“In the case of BlackRock, the features are not very innovative but the target list has a large international coverage and it contains quite a lot of new targets which haven't been seen being targeted before,” the researchers noted in the blog post.

The list of 226 targeted apps specifically for BlackRock's credential theft include Amazon, Google Play Services, Gmail, Microsoft Outlook, and Netflix, among others. Similarly, there are also 111 credit card theft target apps that include popular names such as Facebook, Instagram, Skype, Twitter, and WhatsApp.

“Although BlackRock poses a new Trojan with an exhaustive target list, looking at previous unsuccessful attempts of actors to revive LokiBot through new variants, we can't yet predict how long BlackRock will be active on the threat landscape,” the researchers said.

Google hasn't provided any clarity on how it would handle the scope of BlackRock. Having said that users are recommended to stay away from installing apps from any unknown source or grant permissions to an odd app.

In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: BlackRock, Android malware, ThreatFabric, Android Trojan, Android, LokiBot
Russia Is Hacking Coronavirus Vaccine Trials, Say US, UK, and Canada

Related Stories

New Android Malware Discovered That Can Steal Your Credentials, Credit Card Details
Comment
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. OnePlus 11R Solar Red With 8GB RAM, 128GB Storage Debuts in India: See Price
  2. Itel Super Guru 4G With YouTube, UPI Support Debuts in India: See Price
  3. Ray-Ban Meta Smart Glasses: Versatile and Practical
  4. OTT Releases This Week: Rebel Moon Part 2, Article 370 and More
  5. Samsung Galaxy F15 5G Gets new 8GB RAM Variant in India: Price, Offers
  6. Nothing Phone 2 Gets NothingOS 2.5.5 Update With ChatGPT Integration
  7. Vivo V30e to Debut in India on This Date; Key Features, Colours Revealed
  8. Acer Predator Helios 16, Helios Neo 16 Updated With 14th Gen Intel Core CPUs
  9. Apple's Rumoured 12.9-Inch iPad Air May Arrive With This Display Upgrade
#Latest Stories
  1. BWA Lays Down Self-Regulatory Guidelines on Token Listings for Indian Crypto Exchanges
  2. Samsung Galaxy F15 5G With 8GB RAM, 128GB Storage Launched in India: Price, Offers
  3. OnePlus 11R 5G Solar Red Variant With 8GB RAM, 128GB Storage Launched in India
  4. Adobe Express Mobile App With Firefly AI Is Now Available Globally
  5. Slack AI With New Recaps Feature Now Available to Paid Users Globally
  6. OnePlus Ace 3 Pro Design Features Surface Online; Key Specifications Tipped
  7. Acer Predator Helios 16, Predator Helios Neo 16 Refreshed With 14th Gen Intel Core CPUs in India
  8. EA Sports F1 24 Sets May 31 Release Date, Gameplay Features Revealed in New Trailer
  9. Meta AI Gets Upgraded With Llama 3 to Add New Features, Better Integration
  10. Vivo V30e India Launch Date Set for May 2; Design, Colourways, Key Specifications Revealed
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »