BlackRock Android Malware Description
The BlackRock Android Malware is a threat, which targets mobile users. According to researchers, the BlackRock Android Malware is being distributed via fake application updates that imitate Google's design in order to trick users into believing that they are legitimate. The bogus updates in question are hosted on a third-party website. Users are urged to apply an urgent update in order to strengthen their device's security.
This Week In Malware Episode 19 Part 2: BlackRock Android Malware Stealing Passwords & Credit Card Data from Hundreds of Apps
Once installed, the BlackRock Android Malware may require users to permit it to use the 'Android Accessibility' module. This is a common trick used by countless cybercriminals. Getting this permission would allow the BlackRock Android Malware to carry out all types of malicious tasks.
The BlackRock Android Malware operates like a banking Trojan. However, the main strength of the BlackRock Android Malware is that it does not go after selected few banking applications. Instead, the BlackRock Android Malware targets more than 300 apps that fall in a wide variety of categories, including banking, news, social media, online dating, video and photo editing, and many more. This allows the BlackRock Android Malware to target a very wide spectrum of Android users.
The end goal of the BlackRock Android Malware is obtaining banking information from its victims. Since many applications offer in-app purchases, it is not very difficult for the BlackRock Android Malware to steal the payment information of its targets. The BlackRock Android Malware is designed to overlay a phishing page on top of the applications that it targets. The phishing overlays are carefully crafted in order to avoid raising any red flags. The phishing pages may require the user to fill in their login credentials or their payment details. Users who fall for the trickery of the BlackRock Android Malware will have their sensitive data hijacked and transferred to the C&C (Command & Control) server of the attackers.
The BlackRock Android Malware is capable of:
- Running applications.
- Sending text messages to the users present on the victim's contact list.
- Disabling security applications present on the device.
- Reading the user's text messages in order to complete 2FA (Two-Factor Authentication) required by some banking applications.
- Displaying push notifications sent by the attackers.
- Launching a mobile keylogging module that collects the victim's keystrokes.
As evident, the BlackRock Android Malware is a very potent threat, which is able to obtain sensitive information from its victims with ease. You should not neglect the security of your Android device – install a genuine, modern antivirus application that is compatible with your OS.