New Delhi: This new malware, BlackRock, threat emerged in May this year and was discovered by mobile security firm ThreatFabric.
Col. Inderjeet explains that once installed on a device, a malicious app tainted with the BlackRock does the data collection by abusing Android's Accessibility Service privileges, for which it seeks users' permissions under the guise of fake Google updates when it's launched for the first time on the device, as shown in the screenshots.
BlackRock uses the Accessibility feature of the Andriod Operating System to grant itself access to other Android permissions and then uses an Android device policy controller to give itself administrative access to the device.
Interestingly, of the 337 unique applications in BlackRock's target lists, many applications haven't been observed to be targeted by banking malware before. Those "new" targets are mostly not related to financial institutions and are overlayed in order to steal credit card details. The target list of non-financial apps contains famous applications such as but not limited to Tinder, TikTok, PlayStation, Facebook, Instagram, Skype, Snapchat, Twitter, Grinder, VK, Netflix, Uber, eBay, Amazon, Reddit, and Tumblr.